CVE-2024-13279

Critical CVSS: 9.8

Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.8.0.

Vendor

Two-factor Authentication Project

Product

Two-factor Authentication

CWE

CWE-384

Yayın Tarihi

2025-01-09 20:15:36

Güncelleme

2025-09-02 18:28:28

Source Identifier

mlhess@drupal.org

KEV Date Added

Kategoriler

CWE-384 Two-factor Authentication CRITICAL Two-factor Authentication Project 2025

Referanslar

https://www.drupal.org/sa-contrib-2024-043

Benzer Kayıtlar

Medium

CVE-2025-7030

Privilege Defined With Unsafe Actions vulnerability in Drupal Two-factor Authentication (TFA) allows Exploiting Incorrec…

High

CVE-2025-31694

Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.This issue affe…

Critical

CVE-2024-13239

Weak Authentication vulnerability in Drupal Two-factor Authentication (TFA) allows Authentication Abuse.This issue affec…