Описание
Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
Ссылки
- Patch
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:drupal:secure_site_module:4.7:*:*:*:*:*:*:*
cpe:2.3:a:drupal:secure_site_module:5.0:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00851
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
почти 4 года назад
Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
EPSS
Процентиль: 74%
0.00851
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-noinfo