Описание
The Invitation module 7.x-2.x for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified default views.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:invitation_project:invitation:7.x-2.0:*:*:*:*:drupal:*:*
cpe:2.3:a:invitation_project:invitation:7.x-2.1:*:*:*:*:drupal:*:*
EPSS
Процентиль: 44%
0.00214
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
почти 12 лет назад
The Invitation module 7.x-2.x for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified default views.
github
больше 3 лет назад
The Invitation module 7.x-2.x for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified default views.
EPSS
Процентиль: 44%
0.00214
Низкий
5 Medium
CVSS2
Дефекты
CWE-264