Drupal Microsoft Entra ID SSO Login Authentication Bypass Vulnerability Allowing Privilege Escalation

Vulnerability

An authentication bypass vulnerability has been identified in the Drupal Microsoft Entra ID SSO Login module, versions prior to 1.0.4. This vulnerability allows privilege escalation by exploiting an alternate path or channel.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation.

Added: Feb 4, 2026, 9:23 PM

Updated: Feb 4, 2026, 10:38 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

2.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

2.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Drupal Microsoft Entra ID SSO Login Authentication Bypass Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating