CVE-2025-9551 | THREATINT

Description

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Protected Pages allows Brute Force.This issue affects Protected Pages: from 0.0.0 before 1.8.0.

PUBLISHED Reserved 2025-08-27 | Published 2025-10-10 | Updated 2025-10-10 | Assigner drupal

Problem types

CWE-307 Improper Restriction of Excessive Authentication Attempts

Product status

Default status

unaffected

0.0.0 before 1.8.0

affected

Credits

Pierre Rudloff (prudloff) finder

Oksana Cyrwus (oksana-c) remediation developer

Ra MÃ¤nd (ram4nd) remediation developer

Benji Fisher (benjifisher) coordinator

Damien McKenna (damienmckenna) coordinator

Greg Knaddison (greggles) coordinator

Drew Webber (mcdruid) coordinator

Juraj Nemec (poker10) coordinator

References

www.drupal.org/sa-contrib-2025-101

cve.org (CVE-2025-9551)

nvd.nist.gov (CVE-2025-9551)

Download JSON