CVE Vulnerabilities

CVE-2015-5511

Published: Aug 18, 2015 | Modified: Nov 28, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The HybridAuth Social Login module 7.x-2.x before 7.x-2.13 for Drupal allows remote attackers to bypass the user registration by administrator only configuration and create an account via a social login.

Affected Software

Name Vendor Start Version End Version
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.7 7.x-2.7
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.10 7.x-2.10
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.4 7.x-2.4
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.11 7.x-2.11
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.8 7.x-2.8
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.2 7.x-2.2
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.12 7.x-2.12
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.1 7.x-2.1
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.3 7.x-2.3
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.0 7.x-2.0
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.9 7.x-2.9
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.5 7.x-2.5
Hybridauth_social_login Hybridauth_social_login_project 7.x-2.6 7.x-2.6

References