CNNVD-202601-4676 Information

CNNVD ID

CNNVD-202601-4676

Related CVE

CVE-2025-13986

• CNNVD Published: 2026-01-28

Description (Chinese)

Drupal Disable Login Page是Drupal社区的一个内容屏蔽插件。 Drupal Disable Login Page 1.1.3之前版本存在安全漏洞，该漏洞源于身份验证绕过，可能导致功能绕过。

Description (English)

Drupal Disable Login Page is a content shield plugin for the Drupal community. There was a security loophole in the previous version of Drupal Disable Login Page 1.1.3, which originated in a circumvention of identification, which could lead to a circumvention of functionality.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2026-01-28

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-124 https://vigilance.fr/vulnerability/Drupal-Disable-Login-Page-user-access-via-8-x-3-13-48964

Patch

https://www.drupal.org/sa-contrib-2025-124