CVE-2025-31694 Information

Description

Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.10.0.

Reference

https://www.drupal.org/sa-contrib-2025-023