Vulnerability in Drupal Sportsleague Affects User Data Management
CVE-2025-3904

Currently unrated

Key Information:

Vendor: Drupal
Status: Sportsleague
Vendor: CVE Published:; 23 April 2025

Summary

The vulnerability in the Drupal Sportsleague plugin may expose sensitive user data through improper access controls, allowing unauthorized users to gain access to private information. This issue affects all versions of the Sportsleague plugin, highlighting the importance of maintaining up-to-date security measures.

Affected Version(s)

Sportsleague *.*

References

https://www.drupal.org/sa-contrib-2025-045

Timeline

Vulnerability published
Apr 23, 2025
Vulnerability Reserved
Apr 23, 2025