DRUPAL-CONTRIB-2026-011

See a problem?
Import Source
https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/material_icons/DRUPAL-CONTRIB-2026-011.json
JSON Data
https://api.osv.dev/v1/vulns/DRUPAL-CONTRIB-2026-011
Aliases
  • CVE-2026-3210
Published
2026-02-25T18:43:32Z
Modified
2026-02-25T19:44:39.181117Z
Summary
[none]
Details

This module enables you to add icons to CKEditor.

The module doesn't sufficiently add custom permissions to the dialog and autocomplete routes, allowing full access to the routes in most scenarios.

References
Credits

Affected packages

Packagist:https://packages.drupal.org/8 / drupal/material_icons

Package

Name
drupal/material_icons
Purl
pkg:composer/drupal/material_icons

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.4
Database specific 
{
    "constraint": "<2.0.4"
}

Database specific

source 
"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/material_icons/DRUPAL-CONTRIB-2026-011.json"
affected_versions 
"<2.0.4"