Опубликовано: 01 апр. 2025
Источник: github
Github: Прошло ревью
CVSS4: 7.2
CVSS3: 8.1
Описание
Drupal Two-factor Authentication (TFA) Vulnerable to Forceful Browsing
Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing. This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.10.0.
Пакеты
Наименование
drupal/tfa
composer
Затронутые версииВерсия исправления
< 1.10.0
1.10.0
Связанные уязвимости
CVSS3: 8.1
nvd
10 месяцев назад
Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.10.0.