Описание
The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an entity access module, does not check permissions when searching for entities, which allows remote attackers to obtain sensitive information via unspecified vectors.
The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an entity access module, does not check permissions when searching for entities, which allows remote attackers to obtain sensitive information via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-2304
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75183
- http://drupal.org/node/1547716
- http://drupal.org/node/1547738
- http://secunia.com/advisories/48900
- http://www.openwall.com/lists/oss-security/2012/05/03/1
- http://www.openwall.com/lists/oss-security/2012/05/03/2
- http://www.osvdb.org/81557
- http://www.securityfocus.com/bid/53253
EPSS
Процентиль: 68%
0.00588
Низкий
CVE ID
Связанные уязвимости
nvd
почти 13 лет назад
The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an entity access module, does not check permissions when searching for entities, which allows remote attackers to obtain sensitive information via unspecified vectors.
EPSS
Процентиль: 68%
0.00588
Низкий