CVE-2024-45440

5.3MEDIUM

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.

发布于: 8/29/2024更新于: 4/21/2025
在NVD查看在MITRE查看

描述

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.

AI分析AI驱动

受影响产品

drupaldrupal
2023-05-09

可用漏洞利用 (1)

参考资料