What the vulnerability does
01Description
Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0.
CVE-2024-13282
CVE-2024-13282: Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046
CVSS base score
—
Key dates
02Disclosure timeline
January 9, 2025
CVE published
January 10, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-40611 Apache Airflow Dag Runs Broken Access Control Vulnerability
CVE-2026-40914 Apache Artemis Stomp Protocol, Apache ActiveMQ Artemis Stomp Protocol: Address routing-type can be updated by STOMP protocol user without the createAddress permission
CVE-2026-43530 OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution
CVE-2023-0120 Incorrect Authorization in GitLab
CVE-2024-22208 phpMyFAQ sharing FAQ functionality can easily be abused for phishing purposes
