EUVD-2024-51495

Malicious code in bioql PyPI...

The vulnerability of the Block permissions module in the Drupal CMS system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Block permissions module in the Drupal CMS system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2024-13282

Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0...

CVE-2024-13282

Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0...

CVE-2024-13282

CVE-2024-13282 concerns the Drupal Block permissions module, affected versions 1.0.0 through 1.2.0 (vulnerable). The issue is an incorrect authorization mechanism that can enable forceful browsing (unrestricted access bypass) to protected blocks. Exploitation details are not described beyond this...

CVE-2024-13282 Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046

Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0...

CVE-2024-13282 Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046

Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Block permissions versions 1.0.0 through 1.2.0, which stems from the inclusion of an authorization error vulnerability...

Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046

This module enables you to manage blocks from specific modules in the specific themes. The module doesn't sufficiently check permissions under the scenario when a block is added using the form "/admin/structure/block/add/pluginid/theme" route "block.adminadd". The attacker can add the block to th...

Drupal Block permissions module 1.0.0-1.1.9 - Administrator+ Broken Access Control vulnerability

Administrator+ Broken Access Control vulnerability discovered by Francesco Sardara in WordPress Module Block permissions versions 1.0.0-1.1.9...

PT-2025-2097 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal Block permissions versions 1.0.0 through 1.2.0 Description: The issue is related to an incorrect authorization mechanism in the Block permissions module of the Drupal CMS system. This can allow a remote attacker to impact the...