CVE-2025-31691

Published Mar 31, 2025

Last updated 3 months ago

Overview

Description
Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.This issue affects OAuth2 Server: from 0.0.0 before 2.1.0.
Source
mlhess@drupal.org
NVD status
Awaiting Analysis

Weaknesses

mlhess@drupal.org
CWE-862

Social media

Hype score
Not currently trending

  1. CVE-2025-31691 Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.This issue affects OAuth2 Server: from 0.0.0 before 2.1.0. https://t.co/q0xohUHRP0

    @CVEnew

    31 Mar 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.