Описание
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.
Ссылки
- Third Party Advisory
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
6.5 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
Связанные уязвимости
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly b ...
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.
EPSS
6.5 Medium
CVSS3
3.5 Low
CVSS2