CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2026/01/09 8:40 a.m.•4 views

CVE-2022-26493

Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...

9.8CVSS7AI score0.00178EPSS

Exploits0References1

NVD•added 2022/06/03 6:15 p.m.•9 views

CVE-2022-26493

9.8CVSS0.00178EPSS

Exploits0References1

OSV•added 2022/06/03 6:15 p.m.•0 views

CVE-2022-26493

8.8CVSS5.8AI score

Exploits0References1

Prion•added 2022/06/03 6:15 p.m.•22 views

Authorization

6.5CVSS8.8AI score0.00178EPSS

Exploits0References1Affected Software1

AlpineLinux•added 2022/06/03 4:0 p.m.•73 views

CVE-2022-26493

9.8CVSS8.9AI score0.00178EPSS

Exploits0

Cvelist•added 2022/06/03 4:0 p.m.•12 views

CVE-2022-26493 miniOrange SAML Authentication Bypass

9.8CVSS9.8AI score0.00178EPSS

Exploits0References1

CVE•added 2022/06/03 4:0 p.m.•113 views

CVE-2022-26493

CVE-2022-26493 affects Xecurify’s miniOrange Drupal SAML SP modules (Premium, Standard, Enterprise) for Drupal 7, 8, and 9. The root cause is an authentication/authorization bypass via removing the SAML Assertion Signature, allowing an attacker who can intercept HTTP requests to impersonate exist...

9.8CVSS8.8AI score0.00178EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by