1 min read

Critical Access bypass Vulnerability in Super Login Drupal 8

FLY:D
https://unsplash.com/
Comment

The Drupal security team has announced a critical access bypass vulnerability SA-CONTRIB-2022-001 in the Super Login module in Drupal 8, posted on 2022, January 5th.

The Super Login module enables users to login with an email address. But the module does not sufficiently check if a user account is active when using email login. This vulnerability is mitigated by the fact that an attacker must have an account on the website that is blocked.

Solution

Install the latest version: If you use the Super Login module for Drupal 8.x, upgrade to Super Login 8.x-1.7.

Source: https://www.drupal.org/sa-contrib-2022-001

Click here to follow us on LinkedIn
Comment
You May Like

Article

DrupalCon Portland 2024: Community Events and EOWG Gatherings

DrupalCon Portland 2024: Community Events and EOWG Gatherings

Article

DrupalCon Portland 2024: Community Events and EOWG Gatherings

DrupalCon Portland 2024: Community Events and EOWG Gatherings

Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please let us know in the comments below and we will try to address the issue as best we can.

Access Bypass
Security Update
Drupal 8
Advertisement Here

Comments

You may also like

You May Like

Interview

A Detailed Review of Droopler 4 with Grzegorz Bartman of Droptica

A Detailed Review of Droopler 4 with Grzegorz Bartman of Droptica

Featured

Related

Latest News

Upcoming Events

View All Events

Latest Opportunities

Advertisement Here

Call for Support