Miniorange Miniorange_2fa

6 CVEs affecting Miniorange Miniorange_2fa. Latest disclosed: 2025-06-26. Critical: 0, High: 3.

Top CVEs affecting Miniorange Miniorange_2fa
CVESeverityScorePublishedSummary
CVE-2025-47708High8.82025-05-14Cross-Site Request Forgery (CSRF) vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Cross Site Request Forgery.This issue affects Enterprise MFA -…
CVE-2025-47707High7.52025-05-14Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affect…
CVE-2025-47710High7.42025-05-14Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affect…
CVE-2025-47709Medium6.52025-05-14Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from…
CVE-2025-6675Medium4.82025-06-26Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affect…
CVE-2025-47706Medium4.82025-05-14Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Remote Services with Stolen Credentials.This issue affec…