Improper access control in Login Disable - CVE-2026-15079
Published: July 9, 2026
Login Disable
Detailed vulnerability description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to the affected module does not sufficiently protect the disabled login form from brute force attacks. A remote user can bypass implemented security restrictions and gain unauthorized access to the application.