Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.10.0.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://www.drupal.org/sa-contrib-2025-023 |
Configurations
No configuration.
History
01 Apr 2025, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-288 |
31 Mar 2025, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-31 22:15
Updated : 2025-04-01 20:26
NVD link : CVE-2025-31694
Mitre link : CVE-2025-31694
CVE.ORG link : CVE-2025-31694
JSON object : View
Products Affected
No product.
CWE
CWE-288
Authentication Bypass Using an Alternate Path or Channel