6 matches found
EUVD-2024-51467
Malicious code in bioql PyPI...
The vulnerability in the Advanced PWA module of the Drupal CMS system, related to incorrect authentication, allows a hacker to bypass security restrictions and execute a Forceful Browsing attack.
The vulnerability of the Advanced PWA module in Drupal’s Push Notifications CMS system is related to improper authentication. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute a Forceful Browsing attack...
CVE-2024-13253
Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0...
CVE-2024-13253 Advanced PWA - Critical - Access bypass - SA-CONTRIB-2024-017
Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0...
CVE-2024-13253 Advanced PWA - Critical - Access bypass - SA-CONTRIB-2024-017
Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0...
CVE-2024-13253
CVE-2024-13253 affects Drupal Advanced PWA inc Push Notifications. Affected versions range from 0.0.0 to before 1.5.0; the root cause is an Incorrect Authorization vulnerability that enables forceful browsing. A fixed version is 1.5.0 or later. Remediation: upgrade to 1.5.0+ or apply vendor guida...