Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.8.0, from 5.2.0 before 5.2.1, from 0.0.0 before 5.0., from 0.0.0 before 5.1..
A product requires authentication, but the product has an alternate path or channel that does not require authentication.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Miniorange_2fa | Miniorange | * | 4.8.0 (excluding) |
Miniorange_2fa | Miniorange | 5.0.1 (including) | 5.2.1 (excluding) |