Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2024-45440

Disclosure Date: August 29, 2024 (last updated September 20, 2024)
core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0