
8 matches found

OSV
added 2025/06/25 6:41 p.m., 5 views

DRUPAL-CONTRIB-2025-079

Open Social is a Drupal distribution for online communities, which ships with a default module that allows users to enroll in events. The module doesn't sufficiently protect certain routes from Cross Site Request Forgery (CSRF) attacks. Users can be tricked into accepting or rejecting these...

8.8 CVSS, 6.7 AI score, 0.00094 EPSS
Exploits: 0, References: 1

OSV
added 2025/02/12 5:37 p.m., 3 views

DRUPAL-CONTRIB-2025-015

Open Social is a Drupal distribution for online communities, which ships with a default module to invite users to groups and events. Invites for a specific user can be seen under certain conditions. The issue is mitigated for events by the fact that social_event_max_enroll has to be enabled...

8.1 CVSS, 6.7 AI score, 0.00388 EPSS
Exploits: 0, References: 1

Drupal
added 2025/02/12 12:00 a.m., 6 views

Open Social - Less critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-015

Open Social is a Drupal distribution for online communities, which ships with a default module to invite users to groups and events. Invites for a specific user can be seen under certain conditions. The issue is mitigated for events by the fact that social_event_max_enroll has to be enabled...

8.1 CVSS, 7 AI score, 0.00388 EPSS
Exploits: 0, References: 3

Drupal
added 2025/02/12 12:00 a.m., 9 views

Open Social - Moderately critical - Access bypass - SA-CONTRIB-2025-014

Open Social is a Drupal distribution for online communities, which ships with a default optional module social_language to make your platform multilingual. Some site administration configuration does not correctly check access when trying to translate allowing unauthorised people to translate thes...

9.1 CVSS, 6.8 AI score, 0.00374 EPSS
Exploits: 0, References: 3

OSV
added 2024/09/04 4:20 p.m., 2 views

DRUPAL-CONTRIB-2024-038

Open Social is a Drupal distribution for online communities. The distribution didn't validate the flood control limits on the password reset form correctly resulting in a potential attacker flooding the password reset which could result in a Denial of Service. Fortunately the message does not...

5.3 CVSS, 6.6 AI score, 0.00239 EPSS
Exploits: 0, References: 1

Drupal
added 2024/09/04 12:00 a.m., 5 views

Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038

Open Social is a Drupal distribution for online communities. The distribution didn't validate the flood control limits on the password reset form correctly resulting in a potential attacker flooding the password reset which could result in a Denial of Service. Fortunately the message does not...

5.3 CVSS, 7 AI score, 0.00239 EPSS
Exploits: 0, References: 8

OSV
added 2021/06/02 4:51 p.m., 1 views

DRUPAL-CONTRIB-2021-011

Open Social is a Drupal distribution for online communities. The included social_magic_login module doesn't sufficiently validate magic login URLs for user accounts. The lack of validation makes it possible for an adversary to forge valid login URLs and login to such an account. This vulnerabilit...

6.5 AI score
Exploits: 0, References: 1

OSV
added 2019/11/06 4:10 p.m., 2 views

DRUPAL-CONTRIB-2019-075

Open Social is a Drupal distribution for online communities. The included social_magic_login module doesn't sufficiently validate magic login URLs for user accounts that do not have a local password, but login via external systems. The lack of validation makes it possible for an adversary to forg...

6.3 AI score
Exploits: 0, References: 1