Описание
The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | released | 5.7-1ubuntu1.2 |
| intrepid | released | 5.10-1ubuntu1.1 |
| jaunty | not-affected | 5.15-1ubuntu1 |
| karmic | not-affected | 5.18-1.1ubuntu2 |
| upstream | released | 5.11 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 49%
0.00255
Низкий
6 Medium
CVSS2
Связанные уязвимости
nvd
больше 16 лет назад
The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.
debian
больше 16 лет назад
The core upload module in Drupal 5.x before 5.11 allows remote authent ...
github
около 3 лет назад
The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.
EPSS
Процентиль: 49%
0.00255
Низкий
6 Medium
CVSS2