CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-48012

Authentication Bypass by Capture-replay vulnerability in Drupal One Time Password allows Remote Services with Stolen Credentials.This issue affects One Time Password: from 0.0.0 before 1.3.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.1%

CVSS Severity

CVSS v3 Score 4.8

References

https://www.drupal.org/sa-contrib-2025-063

Products affected by CVE-2025-48012

One Time Password Project » One Time Password » Version: 8.x-1.0

cpe:2.3:a:one_time_password_project:one_time_password:8.x-1.0
One Time Password Project » One Time Password » Version: 8.x-1.1

cpe:2.3:a:one_time_password_project:one_time_password:8.x-1.1
One Time Password Project » One Time Password » Version: 8.x-1.2

cpe:2.3:a:one_time_password_project:one_time_password:8.x-1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-48012

Products

Pricing

Contact Us