CVE-2025-31685
Open Social - Moderately critical - Access bypass - SA-CONTRIB-2025-014
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Open Social - Moderately critical - Access bypass - SA-CONTRIB-2025-014
Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.
Reserved 2025-03-31 | Published 2025-03-31 | Updated 2025-04-29 | Assigner drupalRobert Ragas (robertragas)
zanvidmar
Denis Kolmerschlag (uber_denis)
zanvidmar
Greg Knaddison (greggles)
www.drupal.org/sa-contrib-2025-014
Support options
