Vulnerability Details CVE-2025-31686
Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.5%
CVSS Severity
CVSS v3 Score 8.1
References
Products affected by CVE-2025-31686
-
cpe:2.3:a:getopensocial:open_social:10.0.0
-
cpe:2.3:a:getopensocial:open_social:10.0.1
-
cpe:2.3:a:getopensocial:open_social:10.0.10
-
cpe:2.3:a:getopensocial:open_social:10.0.11
-
cpe:2.3:a:getopensocial:open_social:10.0.12
-
cpe:2.3:a:getopensocial:open_social:10.0.13
-
cpe:2.3:a:getopensocial:open_social:10.0.14
-
cpe:2.3:a:getopensocial:open_social:10.0.15
-
cpe:2.3:a:getopensocial:open_social:10.0.16
-
cpe:2.3:a:getopensocial:open_social:10.0.17
-
cpe:2.3:a:getopensocial:open_social:10.0.18
-
cpe:2.3:a:getopensocial:open_social:10.0.2
-
cpe:2.3:a:getopensocial:open_social:10.0.3
-
cpe:2.3:a:getopensocial:open_social:10.0.4
-
cpe:2.3:a:getopensocial:open_social:10.0.5
-
cpe:2.3:a:getopensocial:open_social:10.0.6
-
cpe:2.3:a:getopensocial:open_social:10.0.7
-
cpe:2.3:a:getopensocial:open_social:10.0.8
-
cpe:2.3:a:getopensocial:open_social:10.0.9
-
cpe:2.3:a:getopensocial:open_social:10.1.0
-
cpe:2.3:a:getopensocial:open_social:10.1.1
-
cpe:2.3:a:getopensocial:open_social:10.1.10
-
cpe:2.3:a:getopensocial:open_social:10.1.11
-
cpe:2.3:a:getopensocial:open_social:10.1.12
-
cpe:2.3:a:getopensocial:open_social:10.1.13
-
cpe:2.3:a:getopensocial:open_social:10.1.14
-
cpe:2.3:a:getopensocial:open_social:10.1.15
-
cpe:2.3:a:getopensocial:open_social:10.1.16
-
cpe:2.3:a:getopensocial:open_social:10.1.2
-
cpe:2.3:a:getopensocial:open_social:10.1.3
-
cpe:2.3:a:getopensocial:open_social:10.1.4
-
cpe:2.3:a:getopensocial:open_social:10.1.5
-
cpe:2.3:a:getopensocial:open_social:10.1.6
-
cpe:2.3:a:getopensocial:open_social:10.1.7
-
cpe:2.3:a:getopensocial:open_social:10.1.8
-
cpe:2.3:a:getopensocial:open_social:10.1.9
-
cpe:2.3:a:getopensocial:open_social:10.2.0
-
cpe:2.3:a:getopensocial:open_social:10.2.1
-
cpe:2.3:a:getopensocial:open_social:10.2.10
-
cpe:2.3:a:getopensocial:open_social:10.2.11
-
cpe:2.3:a:getopensocial:open_social:10.2.2
-
cpe:2.3:a:getopensocial:open_social:10.2.3
-
cpe:2.3:a:getopensocial:open_social:10.2.4
-
cpe:2.3:a:getopensocial:open_social:10.2.5
-
cpe:2.3:a:getopensocial:open_social:10.2.6
-
cpe:2.3:a:getopensocial:open_social:10.2.7
-
cpe:2.3:a:getopensocial:open_social:10.2.8
-
cpe:2.3:a:getopensocial:open_social:10.2.9
-
cpe:2.3:a:getopensocial:open_social:10.3.0
-
cpe:2.3:a:getopensocial:open_social:10.3.1
-
cpe:2.3:a:getopensocial:open_social:10.3.2
-
cpe:2.3:a:getopensocial:open_social:10.3.3
-
cpe:2.3:a:getopensocial:open_social:10.3.4
-
cpe:2.3:a:getopensocial:open_social:10.3.5
-
cpe:2.3:a:getopensocial:open_social:10.3.6
-
cpe:2.3:a:getopensocial:open_social:10.3.7
-
cpe:2.3:a:getopensocial:open_social:10.3.8
-
cpe:2.3:a:getopensocial:open_social:10.3.x
-
cpe:2.3:a:getopensocial:open_social:10.x
-
cpe:2.3:a:getopensocial:open_social:11
-
cpe:2.3:a:getopensocial:open_social:11.0.0
-
cpe:2.3:a:getopensocial:open_social:11.0.1
-
cpe:2.3:a:getopensocial:open_social:11.0.10
-
cpe:2.3:a:getopensocial:open_social:11.0.11
-
cpe:2.3:a:getopensocial:open_social:11.0.12
-
cpe:2.3:a:getopensocial:open_social:11.0.13
-
cpe:2.3:a:getopensocial:open_social:11.0.14
-
cpe:2.3:a:getopensocial:open_social:11.0.2
-
cpe:2.3:a:getopensocial:open_social:11.0.3
-
cpe:2.3:a:getopensocial:open_social:11.0.4
-
cpe:2.3:a:getopensocial:open_social:11.0.5
-
cpe:2.3:a:getopensocial:open_social:11.0.6
-
cpe:2.3:a:getopensocial:open_social:11.0.7
-
cpe:2.3:a:getopensocial:open_social:11.0.8
-
cpe:2.3:a:getopensocial:open_social:11.0.9
-
cpe:2.3:a:getopensocial:open_social:11.1.0
-
cpe:2.3:a:getopensocial:open_social:11.1.1
-
cpe:2.3:a:getopensocial:open_social:11.1.10
-
cpe:2.3:a:getopensocial:open_social:11.1.11
-
cpe:2.3:a:getopensocial:open_social:11.1.12
-
cpe:2.3:a:getopensocial:open_social:11.1.13
-
cpe:2.3:a:getopensocial:open_social:11.1.14
-
cpe:2.3:a:getopensocial:open_social:11.1.15
-
cpe:2.3:a:getopensocial:open_social:11.1.16
-
cpe:2.3:a:getopensocial:open_social:11.1.2
-
cpe:2.3:a:getopensocial:open_social:11.1.3
-
cpe:2.3:a:getopensocial:open_social:11.1.4
-
cpe:2.3:a:getopensocial:open_social:11.1.5
-
cpe:2.3:a:getopensocial:open_social:11.1.6
-
cpe:2.3:a:getopensocial:open_social:11.1.7
-
cpe:2.3:a:getopensocial:open_social:11.1.8
-
cpe:2.3:a:getopensocial:open_social:11.1.9
-
cpe:2.3:a:getopensocial:open_social:11.1.x
-
cpe:2.3:a:getopensocial:open_social:11.10.0
-
cpe:2.3:a:getopensocial:open_social:11.10.1
-
cpe:2.3:a:getopensocial:open_social:11.10.2
-
cpe:2.3:a:getopensocial:open_social:11.10.3
-
cpe:2.3:a:getopensocial:open_social:11.10.4
-
cpe:2.3:a:getopensocial:open_social:11.10.5
-
cpe:2.3:a:getopensocial:open_social:11.10.x
-
cpe:2.3:a:getopensocial:open_social:11.11.0
-
cpe:2.3:a:getopensocial:open_social:11.11.1
-
cpe:2.3:a:getopensocial:open_social:11.11.2
-
cpe:2.3:a:getopensocial:open_social:11.11.3
-
cpe:2.3:a:getopensocial:open_social:11.11.4
-
cpe:2.3:a:getopensocial:open_social:11.11.x
-
cpe:2.3:a:getopensocial:open_social:11.2.0
-
cpe:2.3:a:getopensocial:open_social:11.2.1
-
cpe:2.3:a:getopensocial:open_social:11.2.10
-
cpe:2.3:a:getopensocial:open_social:11.2.11
-
cpe:2.3:a:getopensocial:open_social:11.2.2
-
cpe:2.3:a:getopensocial:open_social:11.2.3
-
cpe:2.3:a:getopensocial:open_social:11.2.4
-
cpe:2.3:a:getopensocial:open_social:11.2.5
-
cpe:2.3:a:getopensocial:open_social:11.2.6
-
cpe:2.3:a:getopensocial:open_social:11.2.7
-
cpe:2.3:a:getopensocial:open_social:11.2.8
-
cpe:2.3:a:getopensocial:open_social:11.2.9
-
cpe:2.3:a:getopensocial:open_social:11.2.x
-
cpe:2.3:a:getopensocial:open_social:11.3.0
-
cpe:2.3:a:getopensocial:open_social:11.3.1
-
cpe:2.3:a:getopensocial:open_social:11.3.10
-
cpe:2.3:a:getopensocial:open_social:11.3.11
-
cpe:2.3:a:getopensocial:open_social:11.3.12
-
cpe:2.3:a:getopensocial:open_social:11.3.13
-
cpe:2.3:a:getopensocial:open_social:11.3.14
-
cpe:2.3:a:getopensocial:open_social:11.3.15
-
cpe:2.3:a:getopensocial:open_social:11.3.16
-
cpe:2.3:a:getopensocial:open_social:11.3.2
-
cpe:2.3:a:getopensocial:open_social:11.3.3
-
cpe:2.3:a:getopensocial:open_social:11.3.4
-
cpe:2.3:a:getopensocial:open_social:11.3.5
-
cpe:2.3:a:getopensocial:open_social:11.3.6
-
cpe:2.3:a:getopensocial:open_social:11.3.7
-
cpe:2.3:a:getopensocial:open_social:11.3.8
-
cpe:2.3:a:getopensocial:open_social:11.3.9
-
cpe:2.3:a:getopensocial:open_social:11.3.x
-
cpe:2.3:a:getopensocial:open_social:11.4.0
-
cpe:2.3:a:getopensocial:open_social:11.4.1
-
cpe:2.3:a:getopensocial:open_social:11.4.10
-
cpe:2.3:a:getopensocial:open_social:11.4.11
-
cpe:2.3:a:getopensocial:open_social:11.4.2
-
cpe:2.3:a:getopensocial:open_social:11.4.3
-
cpe:2.3:a:getopensocial:open_social:11.4.4
-
cpe:2.3:a:getopensocial:open_social:11.4.5
-
cpe:2.3:a:getopensocial:open_social:11.4.6
-
cpe:2.3:a:getopensocial:open_social:11.4.7
-
cpe:2.3:a:getopensocial:open_social:11.4.8
-
cpe:2.3:a:getopensocial:open_social:11.4.9
-
cpe:2.3:a:getopensocial:open_social:11.4.x
-
cpe:2.3:a:getopensocial:open_social:11.5.0
-
cpe:2.3:a:getopensocial:open_social:11.5.1
-
cpe:2.3:a:getopensocial:open_social:11.5.2
-
cpe:2.3:a:getopensocial:open_social:11.5.3
-
cpe:2.3:a:getopensocial:open_social:11.5.4
-
cpe:2.3:a:getopensocial:open_social:11.5.5
-
cpe:2.3:a:getopensocial:open_social:11.5.6
-
cpe:2.3:a:getopensocial:open_social:11.5.7
-
cpe:2.3:a:getopensocial:open_social:11.5.8
-
cpe:2.3:a:getopensocial:open_social:11.5.9
-
cpe:2.3:a:getopensocial:open_social:11.5.x
-
cpe:2.3:a:getopensocial:open_social:11.6.0
-
cpe:2.3:a:getopensocial:open_social:11.6.1
-
cpe:2.3:a:getopensocial:open_social:11.6.2
-
cpe:2.3:a:getopensocial:open_social:11.6.3
-
cpe:2.3:a:getopensocial:open_social:11.6.4
-
cpe:2.3:a:getopensocial:open_social:11.6.5
-
cpe:2.3:a:getopensocial:open_social:11.6.6
-
cpe:2.3:a:getopensocial:open_social:11.6.7
-
cpe:2.3:a:getopensocial:open_social:11.6.8
-
cpe:2.3:a:getopensocial:open_social:11.6.9
-
cpe:2.3:a:getopensocial:open_social:11.6.x
-
cpe:2.3:a:getopensocial:open_social:11.7.0
-
cpe:2.3:a:getopensocial:open_social:11.7.1
-
cpe:2.3:a:getopensocial:open_social:11.7.2
-
cpe:2.3:a:getopensocial:open_social:11.7.3
-
cpe:2.3:a:getopensocial:open_social:11.7.4
-
cpe:2.3:a:getopensocial:open_social:11.7.5
-
cpe:2.3:a:getopensocial:open_social:11.7.6
-
cpe:2.3:a:getopensocial:open_social:11.7.x
-
cpe:2.3:a:getopensocial:open_social:11.8.0
-
cpe:2.3:a:getopensocial:open_social:11.8.1
-
cpe:2.3:a:getopensocial:open_social:11.8.10
-
cpe:2.3:a:getopensocial:open_social:11.8.11
-
cpe:2.3:a:getopensocial:open_social:11.8.12
-
cpe:2.3:a:getopensocial:open_social:11.8.2
-
cpe:2.3:a:getopensocial:open_social:11.8.3
-
cpe:2.3:a:getopensocial:open_social:11.8.4
-
cpe:2.3:a:getopensocial:open_social:11.8.5
-
cpe:2.3:a:getopensocial:open_social:11.8.6
-
cpe:2.3:a:getopensocial:open_social:11.8.7
-
cpe:2.3:a:getopensocial:open_social:11.8.8
-
cpe:2.3:a:getopensocial:open_social:11.8.9
-
cpe:2.3:a:getopensocial:open_social:11.8.x
-
cpe:2.3:a:getopensocial:open_social:11.9.0
-
cpe:2.3:a:getopensocial:open_social:11.9.1
-
cpe:2.3:a:getopensocial:open_social:11.9.10
-
cpe:2.3:a:getopensocial:open_social:11.9.11
-
cpe:2.3:a:getopensocial:open_social:11.9.12
-
cpe:2.3:a:getopensocial:open_social:11.9.13
-
cpe:2.3:a:getopensocial:open_social:11.9.14
-
cpe:2.3:a:getopensocial:open_social:11.9.15
-
cpe:2.3:a:getopensocial:open_social:11.9.16
-
cpe:2.3:a:getopensocial:open_social:11.9.2
-
cpe:2.3:a:getopensocial:open_social:11.9.3
-
cpe:2.3:a:getopensocial:open_social:11.9.4
-
cpe:2.3:a:getopensocial:open_social:11.9.5
-
cpe:2.3:a:getopensocial:open_social:11.9.6
-
cpe:2.3:a:getopensocial:open_social:11.9.7
-
cpe:2.3:a:getopensocial:open_social:11.9.8
-
cpe:2.3:a:getopensocial:open_social:11.9.9
-
cpe:2.3:a:getopensocial:open_social:11.9.x
-
cpe:2.3:a:getopensocial:open_social:12
-
cpe:2.3:a:getopensocial:open_social:12.0.0
-
cpe:2.3:a:getopensocial:open_social:12.0.1
-
cpe:2.3:a:getopensocial:open_social:12.0.2
-
cpe:2.3:a:getopensocial:open_social:12.0.3
-
cpe:2.3:a:getopensocial:open_social:12.0.4
-
cpe:2.3:a:getopensocial:open_social:12.0.5
-
cpe:2.3:a:getopensocial:open_social:12.0.6
-
cpe:2.3:a:getopensocial:open_social:12.0.7
-
cpe:2.3:a:getopensocial:open_social:12.0.8
-
cpe:2.3:a:getopensocial:open_social:12.0.9
-
cpe:2.3:a:getopensocial:open_social:12.1.0
-
cpe:2.3:a:getopensocial:open_social:12.1.1
-
cpe:2.3:a:getopensocial:open_social:12.1.2
-
cpe:2.3:a:getopensocial:open_social:12.1.3
-
cpe:2.3:a:getopensocial:open_social:12.1.4
-
cpe:2.3:a:getopensocial:open_social:12.1.5
-
cpe:2.3:a:getopensocial:open_social:12.2.0
-
cpe:2.3:a:getopensocial:open_social:12.2.1
-
cpe:2.3:a:getopensocial:open_social:12.2.2
-
cpe:2.3:a:getopensocial:open_social:12.2.3
-
cpe:2.3:a:getopensocial:open_social:12.2.4
-
cpe:2.3:a:getopensocial:open_social:12.2.5
-
cpe:2.3:a:getopensocial:open_social:12.3.0
-
cpe:2.3:a:getopensocial:open_social:12.3.1
-
cpe:2.3:a:getopensocial:open_social:12.3.10
-
cpe:2.3:a:getopensocial:open_social:12.3.2
-
cpe:2.3:a:getopensocial:open_social:12.3.3
-
cpe:2.3:a:getopensocial:open_social:12.3.4
-
cpe:2.3:a:getopensocial:open_social:12.3.5
-
cpe:2.3:a:getopensocial:open_social:12.3.6
-
cpe:2.3:a:getopensocial:open_social:12.3.7
-
cpe:2.3:a:getopensocial:open_social:12.3.8
-
cpe:2.3:a:getopensocial:open_social:12.3.9
-
cpe:2.3:a:getopensocial:open_social:12.4.0
-
cpe:2.3:a:getopensocial:open_social:12.4.1
-
cpe:2.3:a:getopensocial:open_social:12.4.2
-
cpe:2.3:a:getopensocial:open_social:12.4.3
-
cpe:2.3:a:getopensocial:open_social:12.4.4
-
cpe:2.3:a:getopensocial:open_social:12.4.5
-
cpe:2.3:a:getopensocial:open_social:12.4.6
-
cpe:2.3:a:getopensocial:open_social:12.4.7
-
cpe:2.3:a:getopensocial:open_social:12.4.8
-
cpe:2.3:a:getopensocial:open_social:12.4.9