Описание
The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node restrictions, which allows (1) remote authenticated users with the "view shortcuts" permission to read nodes or (2) remote authenticated users with the "admin shortcuts" permission to read, edit, or delete nodes via unspecified vectors.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:zugec_ivan:keyboard_shortcut_utility:7.x-1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00366
Низкий
6 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node restrictions, which allows (1) remote authenticated users with the "view shortcuts" permission to read nodes or (2) remote authenticated users with the "admin shortcuts" permission to read, edit, or delete nodes via unspecified vectors.
EPSS
Процентиль: 58%
0.00366
Низкий
6 Medium
CVSS2
Дефекты
CWE-264