Incorrect Authorization Vulnerability in Drupal Commerce by Drupal
CVE-2024-13257

Currently unrated

Key Information:

Vendor: Drupal
Status: Commerce View Receipt
Vendor: CVE Published:; 9 January 2025

What is CVE-2024-13257?

An incorrect authorization issue has been identified in Drupal Commerce's View Receipt component. This vulnerability allows attackers to perform forceful browsing, potentially accessing sensitive information and functionalities without proper permissions. The affected versions span from 0.0.0 up to, but not including, 1.0.3. Users are advised to upgrade to ensure protection against unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.drupal.org/sa-contrib-2024-021

Timeline

Vulnerability published
Jan 9, 2025

JSON

Drupal

What is CVE-2024-13257?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.