Описание
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 7.32-1+deb8u3 |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/xenial | not-affected | 7.32-1+deb8u3 |
| esm-infra-legacy/trusty | not-affected | 7.26-1ubuntu0.1+esm1 |
| lucid | DNE | |
| precise | ignored | end of life |
Показывать по
EPSS
3.5 Low
CVSS2
Связанные уязвимости
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL.
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated ...
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL.
EPSS
3.5 Low
CVSS2