CVE-2025-31685

Description

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.

CVSS breakdown

Affected products

• Drupal / Open Social0.0.0 – 12.3.11
• Drupal / Open Social12.4.0 – 12.4.10

References

• MISChttps://www.drupal.org/sa-contrib-2025-014