Описание
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an "unpublishing bypass" issue.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 5.7-1ubuntu1.3 |
| jaunty | ignored | end of life |
| karmic | released | 5.18-1.1ubuntu2.2 |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 5.23 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| hardy | DNE | |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | not-affected | 6.16-1 |
| maverick | not-affected | |
| natty | not-affected | |
| upstream | released | 6.18, 6.16-1 |
Показывать по
Ссылки на источники
EPSS
3.5 Low
CVSS2
Связанные уязвимости
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an "unpublishing bypass" issue.
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allow ...
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an "unpublishing bypass" issue.
EPSS
3.5 Low
CVSS2