exploitDog

CVE-2013-0257

Опубликовано: 27 мар. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The email2image module 6.x-1.x and 6.x-2.x for Drupal does not properly restrict access to nodes, which allows remote attackers to read images of user email addresses and email fields.

Ссылки

http://drupal.org/node/1903264
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/02/05/1
http://drupal.org/node/1903264
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/02/05/1

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:david_alkire:email2image:6.x-1.x:*:*:*:*:*:*:*

cpe:2.3:a:david_alkire:email2image:6.x-2.x:*:*:*:*:*:*:*

cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.0025

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-j2h9-g6rp-2vj3

github

около 3 лет назад

The email2image module 6.x-1.x and 6.x-2.x for Drupal does not properly restrict access to nodes, which allows remote attackers to read images of user email addresses and email fields.

EPSS

Процентиль: 48%

0.0025

Низкий

5 Medium

CVSS2

Дефекты

CWE-264