Boris Doesborg

**Name of the Vulnerable Software and Affected Versions** Drupal Login Disable versions prior to 2.1.3 **Description** A flaw exists in the Login Disable module where the access key check is bypassed when using the HTTP request login route. This allows users to log in without providing the required access key, potentially compromising site security. **Recommendations** Update the Login Disable module to version 2.1.3 or later.