Diff
1 CVEs
product
Monthly
Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.0.0 before 1.8.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
Diff
Drupal
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2024-13278
PHP
EPSS 0%
CVSS 9.1
CRITICAL
PATCH
This Week
Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.0.0 before 1.8.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
Diff
Drupal
NVD