CVE-2024-13280

Critical CVSS: 9.8

Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0.* before 2.2.2.

Vendor

Persistent Login Project

Product

Persistent Login

CWE

CWE-613

Yayın Tarihi

2025-01-09 20:15:36

Güncelleme

2025-09-02 18:28:21

Source Identifier

mlhess@drupal.org

KEV Date Added

Kategoriler

CWE-613 Persistent Login CRITICAL Persistent Login Project 2025

Referanslar

https://www.drupal.org/sa-contrib-2024-044