CVE-2025-47708
EPSS 0.10%發布日:2025/5/7修改日:2025/12/10
也稱為:DRUPAL-CONTRIB-2025-054
描述
The module enables you to add second-factor authentication in addition to the default Drupal login. The module doesn't sufficiently protect certain routes from Cross Site Request Forgery (CSRF) attacks.
受影響套件(1)
- Packagist/drupal/miniorange_2fafrom 0, < 4.7.0 | >= 5.0.1, < 5.2.0