#vulnerability

Missing Authorization vulnerability in Drupal Authenticator Login allows Forceful Browsing. This issue affects Authenticator Login: from 0.0.0 before 2.0.6.

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection. This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5.

Cross-Site Request Forgery (CSRF) vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery. This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting (XSS). This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting (XSS). This issue affects SpamSpan filter: from 0.0.0 before 3.2.1.

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Configuration Split allows Cross Site Request Forgery. This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2.

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Matomo Analytics allows Cross Site Request Forgery. This issue affects Matomo Analytics: from 0.0.0 before 1.24.0.

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Cache Utility allows Cross Site Request Forgery. This issue affects Cache Utility: from 0.0.0 before 1.2.1.

Cross-Site Request Forgery (CSRF) vulnerability in Drupal OAuth2 Client allows Cross Site Request Forgery. This issue affects OAuth2 Client: from 0.0.0 before 4.1.3.

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing. This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.