CNNVD-202507-2680 Information

CNNVD ID

CNNVD-202507-2680

Related CVE

CVE-2025-7393

• CNNVD Published: 2025-07-21

Description (Chinese)

Drupal Mail Login是Drupal社区的一个邮件地址登录的插件。 Drupal Mail Login 3.2.0之前版本和4.2.0之前版本存在安全漏洞，该漏洞源于认证尝试限制不当，可能导致暴力破解攻击。

Description (English)

Drupal Mail Login is a plug-in to an email address in the Drupal community. There is a security loophole in the pre-Drupal Mail Login 3.2.0 and pre-Release 4.2.0, which stems from inappropriate certification attempts and may lead to a violent breakout of the attack.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-088 https://nvd.nist.gov/vuln/detail/CVE-2025-7393 https://vigilance.fr/vulnerability/Drupal-Mail-Login-user-access-via-Brute-Force-47676

Patch

https://www.drupal.org/sa-contrib-2025-088