๐Ÿ” CVE Alert

CVE-2026-13242

MEDIUM 6.5

Geolocation Field - Critical - SQL Injection - SA-CONTRIB-2026-062

CVSS Score
6.5
EPSS Score
0.2%
EPSS Percentile
5th

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Geolocation Field allows SQL Injection. This issue affects Geolocation Field versions: from 0.0.0 to 3.15.0.

CWE CWE-89
Vendor drupal
Product geolocation field
Ecosystems
Industries
WebMedia
Published Jul 10, 2026
Last Updated Jul 13, 2026
Stay Ahead of the Next One

Get instant alerts for drupal geolocation field

Be the first to know when new medium vulnerabilities affecting drupal geolocation field are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Drupal / Geolocation Field
0.0.0 < 3.15.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
drupal.org: https://www.drupal.org/sa-contrib-2026-062

Credits

Michael Maturi (michaelmaturi) Michael Maturi (michaelmaturi) Christian Adamski (christianadamski) cilefen (cilefen) Neil Drumm (drumm) Greg Knaddison (greggles) Drew Webber (mcdruid) Juraj Nemec (poker10)