CVE-2026-5343

EUVD-2026-33228
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service Provider allows Privilege Escalation.

This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.4.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.4 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
miniorangesaml_sso_-_service_provider
3.0.1 ≤
𝑥
< 3.1.4
miniorangesaml_sso_-_service_provider
7.x-1.0:x
miniorangesaml_sso_-_service_provider
7.x-1.1:x
miniorangesaml_sso_-_service_provider
7.x-1.2:x
miniorangesaml_sso_-_service_provider
7.x-1.3:x
miniorangesaml_sso_-_service_provider
7.x-1.4:x
miniorangesaml_sso_-_service_provider
7.x-1.5:x
miniorangesaml_sso_-_service_provider
7.x-1.6:x
miniorangesaml_sso_-_service_provider
7.x-1.7:x
miniorangesaml_sso_-_service_provider
7.x-1.8:x
miniorangesaml_sso_-_service_provider
7.x-1.9:x
miniorangesaml_sso_-_service_provider
7.x-1.91:x
miniorangesaml_sso_-_service_provider
7.x-1.92:x
miniorangesaml_sso_-_service_provider
7.x-1.93:x
miniorangesaml_sso_-_service_provider
7.x-1.94:x
miniorangesaml_sso_-_service_provider
7.x-1.95:x
miniorangesaml_sso_-_service_provider
7.x-1.96:x
miniorangesaml_sso_-_service_provider
7.x-1.97:x
miniorangesaml_sso_-_service_provider
7.x-1.98:x
miniorangesaml_sso_-_service_provider
7.x-1.99:x
miniorangesaml_sso_-_service_provider
7.x-1.991:x
miniorangesaml_sso_-_service_provider
7.x-1.992:x
miniorangesaml_sso_-_service_provider
7.x-1.993:x
miniorangesaml_sso_-_service_provider
7.x-1.994:x
miniorangesaml_sso_-_service_provider
7.x-1.995:x
miniorangesaml_sso_-_service_provider
7.x-2.0:x
miniorangesaml_sso_-_service_provider
7.x-2.1:x
miniorangesaml_sso_-_service_provider
7.x-2.2:x
miniorangesaml_sso_-_service_provider
7.x-2.3:x
miniorangesaml_sso_-_service_provider
7.x-2.4:x
miniorangesaml_sso_-_service_provider
7.x-2.5:x
miniorangesaml_sso_-_service_provider
7.x-2.51:x
miniorangesaml_sso_-_service_provider
7.x-2.52:x
miniorangesaml_sso_-_service_provider
7.x-2.53:x
miniorangesaml_sso_-_service_provider
7.x-2.54:x
miniorangesaml_sso_-_service_provider
7.x-2.55:x
miniorangesaml_sso_-_service_provider
7.x-2.56:x
miniorangesaml_sso_-_service_provider
7.x-2.60:x
miniorangesaml_sso_-_service_provider
7.x-2.61:x
miniorangesaml_sso_-_service_provider
7.x-2.70:x
miniorangesaml_sso_-_service_provider
7.x-2.71:x
miniorangesaml_sso_-_service_provider
7.x-2.72:x
miniorangesaml_sso_-_service_provider
8.x-1.0:x
miniorangesaml_sso_-_service_provider
8.x-1.1:x
miniorangesaml_sso_-_service_provider
8.x-1.2:x
miniorangesaml_sso_-_service_provider
8.x-1.3:x
miniorangesaml_sso_-_service_provider
8.x-1.4:x
miniorangesaml_sso_-_service_provider
8.x-1.5:x
miniorangesaml_sso_-_service_provider
8.x-1.6:x
miniorangesaml_sso_-_service_provider
8.x-1.7:x
miniorangesaml_sso_-_service_provider
8.x-1.8:x
miniorangesaml_sso_-_service_provider
8.x-1.9:x
miniorangesaml_sso_-_service_provider
8.x-1.10:x
miniorangesaml_sso_-_service_provider
8.x-1.11:x
miniorangesaml_sso_-_service_provider
8.x-1.12:x
miniorangesaml_sso_-_service_provider
8.x-1.121:x
miniorangesaml_sso_-_service_provider
8.x-1.122:x
miniorangesaml_sso_-_service_provider
8.x-2.0:x
miniorangesaml_sso_-_service_provider
8.x-2.1:x
miniorangesaml_sso_-_service_provider
8.x-2.11:x
miniorangesaml_sso_-_service_provider
8.x-2.12:x
miniorangesaml_sso_-_service_provider
8.x-2.13:x
miniorangesaml_sso_-_service_provider
8.x-2.14:x
miniorangesaml_sso_-_service_provider
8.x-2.15:x
miniorangesaml_sso_-_service_provider
8.x-2.16:x
miniorangesaml_sso_-_service_provider
8.x-2.17:x
miniorangesaml_sso_-_service_provider
8.x-2.18:x
miniorangesaml_sso_-_service_provider
8.x-2.19:x
miniorangesaml_sso_-_service_provider
8.x-2.20:x
miniorangesaml_sso_-_service_provider
8.x-2.21:x
miniorangesaml_sso_-_service_provider
8.x-2.22:x
miniorangesaml_sso_-_service_provider
8.x-2.23:x
miniorangesaml_sso_-_service_provider
8.x-2.24:x
miniorangesaml_sso_-_service_provider
8.x-2.25:x
miniorangesaml_sso_-_service_provider
8.x-2.26:x
miniorangesaml_sso_-_service_provider
8.x-2.27:x
miniorangesaml_sso_-_service_provider
8.x-2.28:x
𝑥
= Vulnerable software versions