Описание
The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.
Ссылки
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.x-1.0 (включая) до 6.x-1.3 (включая)Версия от 7.x-1.0 (включая) до 7.x-1.3 (включая)
Одно из
cpe:2.3:a:login_security_project:login_security:*:*:*:*:*:drupal:*:*
cpe:2.3:a:login_security_project:login_security:*:*:*:*:*:drupal:*:*
cpe:2.3:a:login_security_project:login_security:6.x-1.0:beta1:*:*:*:drupal:*:*
cpe:2.3:a:login_security_project:login_security:6.x-1.0:rc1:*:*:*:drupal:*:*
cpe:2.3:a:login_security_project:login_security:6.x-1.x:dev:*:*:*:drupal:*:*
cpe:2.3:a:login_security_project:login_security:7.x-1.x:dev:*:*:*:drupal:*:*
EPSS
Процентиль: 67%
0.00531
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-863
Связанные уязвимости
github
почти 4 года назад
The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.
EPSS
Процентиль: 67%
0.00531
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-863