Incorrect Authorization Vulnerability in OhDear Integration for Drupal
CVE-2024-13290

Currently unrated

Key Information:

Vendor: Drupal
Vendor: CVE Published:; 9 January 2025

Summary

The OhDear Integration component for Drupal suffers from an incorrect authorization vulnerability that enables forceful browsing. This flaw could allow unauthorized users to gain access to restricted areas of the application. The issue specifically affects versions from 0.0.0 and prior to 2.0.4, making it essential for users to update to a patched version to maintain application security.

References

https://www.drupal.org/sa-contrib-2024-056

Timeline

Vulnerability published
Jan 9, 2025