6.5
CVSSv3

CVE-2024-13243

CVSSv4: NA | CVSSv3: 6.5 | CVSSv2: NA | VMScore: 750 | EPSS: 0.00043 | KEV: Not Included
Published: 09/01/2025 Updated: 10/01/2025

Vulnerability Summary

Unauthorized Access via Missing Authorization in Drupal Entity Delete Log

There is a Missing Authorization vulnerability in Drupal Entity Delete Log. This lets users perform Forceful Browsing. The issue affects Entity Delete Log versions from 0.0.0 up to, but not including, 1.1.1.

Vulnerable Product Search on Vulmon Subscribe to Product

drupal entity delete log