Social Login Bypass Vulnerability in HybridAuth Module by Drupal
CVE-2015-5511

Currently unrated

Key Information:

Vendor

Hybridauth Social Login Project

Status
Hybridauth Social Login
Vendor
CVE Published:
18 August 2015

What is CVE-2015-5511?

The HybridAuth Social Login module for Drupal prior to version 7.x-2.13 has a vulnerability that allows remote attackers to circumvent the user registration configuration restricted to administrators. This flaw enables these attackers to create user accounts through social login mechanisms, which can compromise user account management and security. Admins should update to the latest version to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.drupal.org/node/2511200
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2015/07/04/4
mailing-listx_refsource_MLIST
https://www.drupal.org/node/2511410
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.