Improper Authorization Vulnerability in Drupal Open Social
CVE-2024-13241

Currently unrated

Key Information:

Vendor: Drupal
Status: Open Social
Vendor: CVE Published:; 9 January 2025

What is CVE-2024-13241?

An improper authorization vulnerability in the Drupal Open Social product enables unauthorized data collection from common resource locations. This issue impacts all versions of Open Social before 12.0.5, posing a significant risk to data integrity and privacy. Users of affected versions are advised to upgrade to the latest version to ensure the security of their systems and protect against potential exploitation.

References

https://www.drupal.org/sa-contrib-2024-005

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 9, 2025