Security Advisory

CVE-2025-12466

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-29 23:14:51

Last updated 2025-10-30 14:38:59

Assigner drupal

State PUBLISHED

Description

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Simple OAuth (OAuth2) & OpenID Connect allows Authentication Bypass.This issue affects Simple OAuth (OAuth2) & OpenID Connect: from 6.0.0 before 6.0.7.

← Browse all CVEs View on cve.org ↗