| |
Vulnerability CVE-2024-45440
Published: 2024-08-29
| Description: |
core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist. |
See advisories in our WLB2 database: | Topic | Author | Date |
Low |
| Milad Karimi (Ex... | 22.05.2025 |
References: |
https://www.drupal.org/project/drupal/issues/3457781
|
|
|
Copyright 2025, cxsecurity.com
|
|
|
