Super Login - Critical - Access bypass - SA-CONTRIB-2022-001
Project: Super Login
Security risk: Critical 18∕25
Vulnerability: Access bypass
This module enables you to login with an email address.
The module doesn't sufficiently check if a user account is active when using email login.
This vulnerability is mitigated by the fact that an attacker must have an account in the website that is blocked.
Install the latest version:
If you use the Super Login module for Drupal 8.x, upgrade to Super Login 8.x-1.7