Описание
Drupal Views can allow unauthorized users to see Statistics information
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-6212
- https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-6212.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-6212.yaml
- https://www.drupal.org/SA-CORE-2016-002
- https://www.drupal.org/node/2749333
- http://www.openwall.com/lists/oss-security/2016/07/13/4
- http://www.openwall.com/lists/oss-security/2016/07/13/7
- http://www.securityfocus.com/bid/91230
Пакеты
drupal/core
>= 8.0, < 8.1.3
8.1.3
drupal/drupal
>= 8.0, < 8.1.3
8.1.3
Связанные уязвимости
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views m ...