Description
Incorrect Authorization vulnerability in Drupal Commerce Eurobank (Redirect) allows Functionality Misuse.This issue affects Commerce Eurobank (Redirect): from 0.0.0 before 2.1.1.
Published: 2025-06-11
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-18125 Drupal Commerce Eurobank (Redirect) Incorrect Authorization vulnerability
Github GHSA Github GHSA GHSA-q9h3-r6wr-p3j3 Drupal Commerce Eurobank (Redirect) Incorrect Authorization vulnerability
References
Link Providers
https://www.drupal.org/sa-contrib-2025-066 cve-icon cve-icon
History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00043}

 epss

{'score': 0.00047}

Mon, 16 Jun 2025 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Commerce Eurobank \(redirect\) Project
Commerce Eurobank \(redirect\) Project commerce Eurobank \(redirect\)
CPEs cpe:2.3:a:commerce_eurobank_\(redirect\)_project:commerce_eurobank_\(redirect\):*:*:*:*:*:drupal:*:*
Vendors & Products Commerce Eurobank \(redirect\) Project
Commerce Eurobank \(redirect\) Project commerce Eurobank \(redirect\)

Wed, 11 Jun 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Jun 2025 14:45:00 +0000

Type Values Removed Values Added
Description Incorrect Authorization vulnerability in Drupal Commerce Eurobank (Redirect) allows Functionality Misuse.This issue affects Commerce Eurobank (Redirect): from 0.0.0 before 2.1.1.
Title Commerce Eurobank (Redirect) - Moderately critical - Access bypass - SA-CONTRIB-2025-066
Weaknesses CWE-863
References

Subscriptions

Commerce Eurobank \(redirect\) Project Commerce Eurobank \(redirect\)
cve-icon MITRE

Status: PUBLISHED

Assigner: drupal

Published:

Updated: 2025-06-11T15:38:27.544Z

Reserved: 2025-05-21T16:25:07.435Z

Link: CVE-2025-48445

cve-icon Vulnrichment

Updated: 2025-06-11T15:36:41.281Z

cve-icon NVD

Status : Analyzed

Published: 2025-06-11T15:15:42.270

Modified: 2025-06-16T16:39:41.290

Link: CVE-2025-48445

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses