The vulnerability of the Email Contact module in the Drupal CMS system allows attackers to bypass security restrictions and execute a forced browsing attack.

The vulnerability of the Email Contact module in the Drupal CMS system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute a Forceful Browsing attack...

PT-2024-10347 · Drupal · Email Contact

Name of the Vulnerable Software and Affected Versions: Email Contact versions 0.0.0 through 2.0.4 Description: The issue is related to insufficient granularity of access control in the Email Contact module for Drupal, allowing forceful browsing. This can be exploited by a remote attacker to bypas...