How severe is CVE-2024-45440?

CVE-2024-45440 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2024-45440

Name: drupal
Author: drupal

5.3MEDIUM

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.

Опубликовано: 8/29/2024Обновлено: 4/21/2025

Описание

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.

ИИ-АнализНа базе ИИ

Затронутые продукты

drupaldrupal

2023-05-09

Описание

ИИ-АнализНа базе ИИ

Затронутые продукты

Доступные эксплойты (1)

Drupal 11.x-dev - Full Path Disclosure

Ссылки