CVE-2025-7393

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Drupal Mail Login versions 3.0.0 through 3.1.x Drupal Mail Login versions 4.0.0 through 4.1.x

Description An improper restriction of excessive authentication attempts exists in Drupal Mail Login, allowing for brute force attacks.

Recommendations Update Drupal Mail Login to version 3.2.0 or later. Update Drupal Mail Login to version 4.2.0 or later.

Fix

Improper Restriction of Excessive Authentication Attempts

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-307

Related Identifiers

CVE-2025-7393

DRUPAL-CONTRIB-2025-088

Affected Products

Drupal Mail Login

CVE-2025-7393

Weakness Enumeration

Related Identifiers

Affected Products

References · 6