Incorrect Authorization Vulnerability in Drupal Diff
CVE-2024-13278

Currently unrated

Key Information:

Vendor: Drupal
Vendor: CVE Published:; 9 January 2025

Summary

A vulnerability has been identified in the Diff module for Drupal, which allows for incorrect authorization, potentially enabling functionality misuse. This vulnerability impacts versions from 0.0.0 up to, but not including, 1.8.0. It is crucial for users of the affected products to apply the necessary updates to mitigate any risk associated with unauthorized access.

References

https://www.drupal.org/sa-contrib-2024-042

Timeline

Vulnerability published
Jan 9, 2025