exploitDog

GHSA-mqhr-6wmj-4wqg

Опубликовано: 14 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

Ссылки

EPSS

Процентиль: 18%

0.00057

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2025-47709

CVSS3: 6.5

nvd

9 месяцев назад

Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.

EPSS

Процентиль: 18%

0.00057

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-862