CVE-2025-31685

CVE-2025-31685: Open Social - Moderately critical - Access bypass - SA-CONTRIB-2025-014

Vendor Drupal
Product Open Social
Weakness CWE-862 · Missing authorization
Published March 31, 2025
Last update April 29, 2025

CVSS base score

What the vulnerability does

01Description

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.

Key dates

02Disclosure timeline

March 31, 2025 CVE published
April 29, 2025 Record updated

Related vulnerabilities

04Related CVE