core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| drupal/drupal(Packagist) | 10.3.0 | 10.3.6 | N/A |
| drupal/drupal(Packagist) | 11.0.0 | 11.0.5 | N/A |
| drupal/core-recommended(Packagist) | 10.3.0 | 10.3.6 | N/A |
| drupal/core-recommended(Packagist) | 11.0.0 | 11.0.5 | N/A |
| drupal/core(Packagist) | 10.3.0 | 10.3.6 | N/A |
| drupal/core(Packagist) | 11.0.0 | 11.0.5 | N/A |
| drupal/drupal(Packagist) | 8.0.0 | 10.2.9 | N/A |
| drupal/core-recommended(Packagist) | 8.0.0 | 10.2.9 | N/A |
| drupal/core(Packagist) | 8.0.0 | 10.2.9 | N/A |
CVSS Metrics
