CVE-2024-45440

5.3MEDIUM

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.

公開日: 8/29/2024更新日: 4/21/2025
NVDで表示MITREで表示

説明

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.

AI分析AIによる分析

影響を受ける製品

drupaldrupal
2023-05-09

利用可能なエクスプロイト (1)

参照