CVE-2025-8093
EPSS 0.07%Published: 8/27/2025Modified: 12/10/2025
Also known as:DRUPAL-CONTRIB-2025-098
Description
This module allows users to setup two-factor authentication (2FA) using authenticator apps for enhanced login security. The module did not protect all possible login paths provided by core modules. **CVSS risk score ([experimental](https://www.drupal.org/project/securitydrupalorg/issues/3442181)) 6.3 / Medium** [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N](https://www.first.org/cvss/calculator/4-0#CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N)
Affected packages (1)
- Packagist/drupal/aloginfrom 0, < 2.1.8