Skip to main content

Hybridauth Social Login

2 CVEs product

Monthly

CVE-2015-5511 MEDIUM PATCH This Month

The HybridAuth Social Login module 7.x-2.x before 7.x-2.13 for Drupal allows remote attackers to bypass the user registration by administrator only configuration and create an account via a social. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Hybridauth Social Login
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-4395 LOW Monitor

The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in plaintext when the "Ask user for a password when registering" option is enabled, which allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Hybridauth Social Login
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The HybridAuth Social Login module 7.x-2.x before 7.x-2.13 for Drupal allows remote attackers to bypass the user registration by administrator only configuration and create an account via a social. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Hybridauth Social Login
NVD
EPSS 0% CVSS 3.5
LOW Monitor

The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in plaintext when the "Ask user for a password when registering" option is enabled, which allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Hybridauth Social Login
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy