CVE-2025-8093

EPSS 0.07%

發布日:2025/8/27修改日:2025/12/10

描述

This module allows users to setup two-factor authentication (2FA) using authenticator apps for enhanced login security. The module did not protect all possible login paths provided by core modules. **CVSS risk score ([experimental](https://www.drupal.org/project/securitydrupalorg/issues/3442181)) 6.3 / Medium** [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N](https://www.first.org/cvss/calculator/4-0#CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N)

受影響套件(1)

Packagist/drupal/aloginfrom 0, < 2.1.8

參考連結(1)

WEBhttps://www.drupal.org/sa-contrib-2025-098