Skip to main content

Microsoft Entra Id Sso Login

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-0948 PHP MEDIUM PATCH This Month

The Microsoft Entra ID SSO Login module for Drupal before version 1.0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to escalate privileges through an alternate authentication channel. An attacker can exploit this flaw to gain unauthorized access with elevated permissions on affected Drupal installations. No patch is currently available, and the vulnerability has low exploit probability (EPSS 0.1%).

Authentication Bypass Privilege Escalation Drupal Microsoft Entra Id Sso Login
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-0948 PHP
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The Microsoft Entra ID SSO Login module for Drupal before version 1.0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to escalate privileges through an alternate authentication channel. An attacker can exploit this flaw to gain unauthorized access with elevated permissions on affected Drupal installations. No patch is currently available, and the vulnerability has low exploit probability (EPSS 0.1%).

Authentication Bypass Privilege Escalation Drupal +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy