CVE-2025-7031

CVE-2025-7031: Config Pages Viewer - Critical - Access bypass - SA-CONTRIB-2025-086

Vendor Drupal
Product Config Pages Viewer
Weakness CWE-306 · Missing auth
Published July 8, 2025
Last update July 10, 2025

CVSS base score

What the vulnerability does

01Description

Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Config Pages Viewer: from 0.0.0 before 1.0.4.

Key dates

02Disclosure timeline

July 8, 2025 CVE published
July 10, 2025 Record updated