← back
CVE-2015-7226

CVE-2015-7226

EPSS 2.1%
The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal checks access permissions based on the router path from the view instead of the display property, which allows remote attackers to obtain sensitive information via vectors related to the access handler.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://cgit.drupalcode.org/admin_views/commit/?id=44098bbhttps://www.drupal.org/node/2529366https://www.drupal.org/node/2529378http://www.securityfocus.com/bid/75697