VYPR
Moderate severityNVD Advisory· Published Nov 18, 2025· Updated Nov 18, 2025

Email TFA - Moderately critical - Access bypass - SA-CONTRIB-2025-115

CVE-2025-12760

Description

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Email TFA allows Functionality Bypass.This issue affects Email TFA: from 0.0.0 before 2.0.6.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
drupal/email_tfaPackagist
< 2.0.62.0.6

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.