Описание
The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.
The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-2122
- https://drupal.org/node/2006188
- https://drupal.org/node/2007048
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84630
- http://osvdb.org/93725
- http://seclists.org/fulldisclosure/2013/May/208
- http://secunia.com/advisories/53556
- http://www.openwall.com/lists/oss-security/2013/05/29/9
- http://www.securityfocus.com/bid/60209
EPSS
Процентиль: 68%
0.00592
Низкий
CVE ID
Связанные уязвимости
nvd
почти 12 лет назад
The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.
EPSS
Процентиль: 68%
0.00592
Низкий