Количество 4
Количество 4
CVE-2016-3165
The Form API in Drupal 6.x before 6.38 ignores access restrictions on submit buttons, which might allow remote attackers to bypass intended access restrictions by leveraging permission to submit a form with a button that has "#access" set to FALSE in the server-side form definition.
CVE-2016-3165
The Form API in Drupal 6.x before 6.38 ignores access restrictions on submit buttons, which might allow remote attackers to bypass intended access restrictions by leveraging permission to submit a form with a button that has "#access" set to FALSE in the server-side form definition.
CVE-2016-3165
The Form API in Drupal 6.x before 6.38 ignores access restrictions on ...
GHSA-4gh5-3hqj-x3pj
Drupal Form API ignores access restrictions on submit buttons
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-3165 The Form API in Drupal 6.x before 6.38 ignores access restrictions on submit buttons, which might allow remote attackers to bypass intended access restrictions by leveraging permission to submit a form with a button that has "#access" set to FALSE in the server-side form definition. | CVSS3: 7.5 | 1% Низкий | около 9 лет назад |
 | CVE-2016-3165 The Form API in Drupal 6.x before 6.38 ignores access restrictions on submit buttons, which might allow remote attackers to bypass intended access restrictions by leveraging permission to submit a form with a button that has "#access" set to FALSE in the server-side form definition. | CVSS3: 7.5 | 1% Низкий | около 9 лет назад |
| CVE-2016-3165 The Form API in Drupal 6.x before 6.38 ignores access restrictions on ... | CVSS3: 7.5 | 1% Низкий | около 9 лет назад |
| GHSA-4gh5-3hqj-x3pj Drupal Form API ignores access restrictions on submit buttons | CVSS3: 7.5 | 1% Низкий | около 3 лет назад |
Уязвимостей на страницу