Resource Allocation Vulnerability in Drupal Admin Audit Trail
CVE-2025-48448

6.5MEDIUM

Key Information:

Vendor: Drupal
Status: Admin Audit Trail
Vendor: CVE Published:; 11 June 2025

What is CVE-2025-48448?

The Admin Audit Trail extension for Drupal contains a resource allocation vulnerability that allows for excessive system resource usage, leading to potential denial-of-service situations. This issue is present in versions 0.0.0 up to and including 1.0.4, which may leave systems vulnerable without appropriate limits or throttling in place.

Affected Version(s)

Admin Audit Trail 0.0.0 < 1.0.5

References

https://www.drupal.org/sa-contrib-2025-068

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025
Vulnerability Reserved
May 21, 2025

Credit

Scott Phillips (scottatdrake)

Rajab Natshah (rajab natshah)

Greg Knaddison (greggles)

Juraj Nemec (poker10)