CVE-2026-6816
EUVD-2026-3322928.05.2026, 23:16
An access bypass vulnerability in Drupal TFA Basic Plugins allows users with the administer users permission to view or generate recovery codes for other users. This issue affects TFA Basic Plugins: from 7.x-1.0 through 7.x-1.2.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| tfa_basic_plugins_project | tfa_basic_plugins | 7.x-1.0 ≤ 𝑥 < 7.x-1.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration