Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-25278

Опубликовано: 26 апр. 2023
Источник: debian
EPSS Низкий

Описание

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules or themes may be affected.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
drupal7not-affectedpackage

Примечания

  • https://www.drupal.org/sa-core-2022-013

EPSS

Процентиль: 53%
0.00299
Низкий

Связанные уязвимости

CVSS3: 6.5
ubuntu
больше 2 лет назад

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules or themes may be affected.

CVSS3: 6.5
nvd
больше 2 лет назад

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules or themes may be affected.

CVSS3: 6.5
github
больше 2 лет назад

Access bypass in Drupal Core

EPSS

Процентиль: 53%
0.00299
Низкий