CVE-2025-48011

CVE-2025-48011: One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-062

Vendor Drupal
Product One Time Password
Weakness CWE-288
Published May 21, 2025
Last update May 21, 2025

CVSS base score

What the vulnerability does

01Description

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal One Time Password allows Functionality Bypass.This issue affects One Time Password: from 0.0.0 before 1.3.0.

Key dates

02Disclosure timeline

May 21, 2025 CVE published
May 21, 2025 Record updated