Two-Factor Authentication Project: >> Two-Factor Authentication >> 8.x-1.5 Security Vulnerabilities
Privilege Defined With Unsafe Actions vulnerability in Drupal Two-factor Authentication (TFA) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.11.0.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-08
Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.10.0.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-03-31
Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.8.0.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-01-09