CVE-2011-2687

Опубликовано: 27 июл. 2011

Источник: debian

Описание

Drupal 7.x before 7.3 allows remote attackers to bypass intended node_access restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
drupal7	fixed	7.2-1		package
drupal6	fixed	6.22-1		package
drupal6	fixed	6.18-1squeeze1	squeeze	package

Примечания

http://drupal.org/node/1168756

Связанные уязвимости

CVE-2011-2687

ubuntu

почти 14 лет назад

Drupal 7.x before 7.3 allows remote attackers to bypass intended node_access restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table.

CVE-2011-2687

nvd

почти 14 лет назад

Drupal 7.x before 7.3 allows remote attackers to bypass intended node_access restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table.

GHSA-96vx-qf28-6f8m

github

около 3 лет назад

Drupal Access Control Bypass