Описание
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | ignored | end of life |
| maverick | not-affected | 6.18-1ubuntu1 |
| natty | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | not-affected | |
| saucy | DNE |
Показывать по
Ссылки на источники
EPSS
3.5 Low
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly b ...
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.
EPSS
3.5 Low
CVSS2
6.5 Medium
CVSS3