Описание
The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:quade:edit_limit:7.x-1.0:*:*:*:*:*:*:*
cpe:2.3:a:quade:edit_limit:7.x-1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:quade:edit_limit:7.x-1.0:beta2:*:*:*:*:*:*
cpe:2.3:a:quade:edit_limit:7.x-1.0:beta3:*:*:*:*:*:*
cpe:2.3:a:quade:edit_limit:7.x-1.0:beta4:*:*:*:*:*:*
cpe:2.3:a:quade:edit_limit:7.x-1.1:*:*:*:*:*:*:*
cpe:2.3:a:quade:edit_limit:7.x-1.2:*:*:*:*:*:*:*
cpe:2.3:a:quade:edit_limit:7.x-1.x:dev:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00592
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
около 3 лет назад
The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.
EPSS
Процентиль: 68%
0.00592
Низкий
5 Medium
CVSS2
Дефекты
CWE-264