Drupal · Drupal Persistent Login · CVE-2024-13280
**Name of the Vulnerable Software and Affected Versions**
Drupal Persistent Login versions 0.0.0 through 1.8.0
Drupal Persistent Login versions 2.0.* through 2.2.2
**Description**
The issue is related to insufficient session expiration in the Drupal Persistent Login module, allowing for forceful browsing. This can impact the confidentiality, integrity, and availability of protected information.
**Recommendations**
For versions 0.0.0 through 1.8.0, update to version 1.8.0 or later.
For versions 2.0.* through 2.2.2, update to version 2.2.2 or later.