7 matches found
EUVD-2025-7810
Malicious code in bioql PyPI...
CVE-2025-27822
An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows people to temporarily switch to another user account. The module provides a "Masquerade as admin" permission to restrict people who can masquerade from switching to an account with administrative...
CVE-2025-27822
An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows people to temporarily switch to another user account. The module provides a "Masquerade as admin" permission to restrict people who can masquerade from switching to an account with administrative...
CVE-2025-27822
CVE-2025-27822 : Affects Backdrop CMS via the Masquerade module before 1.x-1.0.1. The vulnerability arises because the value of the permission "Masquerade as admin" is not consistently enforced, potentially allowing a user with the "Masquerade as user" permission to masquerade as an administrator...
CVE-2025-27822
An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows people to temporarily switch to another user account. The module provides a "Masquerade as admin" permission to restrict people who can masquerade from switching to an account with administrative...
CVE-2025-27822
An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows people to temporarily switch to another user account. The module provides a "Masquerade as admin" permission to restrict people who can masquerade from switching to an account with administrative...
SA-CONTRIB-2010-068 - Masquerade - Cross Site Request Forgery
The masquerade module is designed as a tool for site designers and administrators, allowing a user with the right permissions to temporarily masquerade as another user. The module is vulnerable to Cross Site Request Forgeries CSRF via the masquerade/switch and masquerade/unswitch paths. Versions...