CVE-2024-13248

CVE-2024-13248: Private content - Moderately critical - Access bypass - SA-CONTRIB-2024-012

Vendor Drupal
Product Private content
Weakness CWE-266
Published January 9, 2025
Last update January 10, 2025

CVSS base score

What the vulnerability does

01Description

Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0.

Key dates

02Disclosure timeline

January 9, 2025 CVE published
January 10, 2025 Record updated