logo

Database

Authentication mechanism absence or evasion In drupal/miniorange_saml

Description

This module enables you to perform SAML-protocol-based single-sign-on (SSO) on a Drupal site.

The module doesn't sufficiently block access, leading to a authentication bypass vulnerability.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2026-53432. NVD-2026-53433. OSV-DRUPAL-CONTRIB-2026-0314. OSV-2026-53435. GCVE-2026-53436. drupal.org

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.