Incorrect Authorization Vulnerability in Drupal Smart IP Ban
CVE-2024-13277

Currently unrated

Key Information:

Vendor: Drupal
Vendor: CVE Published:; 9 January 2025

Summary

The Smart IP Ban module for Drupal is vulnerable to incorrect authorization, allowing attackers to perform forceful browsing. This issue impacts Smart IP Ban versions 7.X-1.0 and earlier than 7.X-1.1, potentially enabling unauthorized access to restricted areas of the application.

References

https://www.drupal.org/sa-contrib-2024-041

Timeline

Vulnerability published
Jan 9, 2025