Commerce Alphabank Redirect

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-48446 HIGH PATCH This Week

CVE-2025-48446 is an Incorrect Authorization vulnerability (CWE-863) in the Drupal Commerce Alphabank Redirect module that allows unauthenticated attackers to misuse functionality through a network-based attack requiring user interaction. The vulnerability affects Commerce Alphabank Redirect versions prior to 1.0.3, with a CVSS score of 8.8 indicating high severity across confidentiality, integrity, and availability impacts. No public indicators of active exploitation or proof-of-concept code are currently documented, but the high CVSS score and authorization bypass nature warrant immediate patching.

Authentication Bypass Drupal PHP Commerce Alphabank Redirect
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-48446
EPSS 0% CVSS 8.8
HIGH PATCH This Week

CVE-2025-48446 is an Incorrect Authorization vulnerability (CWE-863) in the Drupal Commerce Alphabank Redirect module that allows unauthenticated attackers to misuse functionality through a network-based attack requiring user interaction. The vulnerability affects Commerce Alphabank Redirect versions prior to 1.0.3, with a CVSS score of 8.8 indicating high severity across confidentiality, integrity, and availability impacts. No public indicators of active exploitation or proof-of-concept code are currently documented, but the high CVSS score and authorization bypass nature warrant immediate patching.

Authentication Bypass Drupal PHP +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy