← back
CVE-2013-4226

CVE-2013-4226

EPSS 1.6%
The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser.
Affected products
n/a · Authenticated User Page Caching (Authcache) module

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://drupal.org/node/2058165https://drupal.org/node/2059589http://www.openwall.com/lists/oss-security/2013/08/10/1