Описание
The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:freelinking_for_case_tracker_project:freelinking_for_case_tracker:-:*:*:*:*:drupal:*:*
cpe:2.3:a:freelinking_project:freelinking:-:*:*:*:*:drupal:*:*
EPSS
Процентиль: 44%
0.00214
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link.
EPSS
Процентиль: 44%
0.00214
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-264