← volver
CVE-2013-2122

CVE-2013-2122

EPSS 1.6%
The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://osvdb.org/93725https://drupal.org/node/2006188https://drupal.org/node/2007048http://seclists.org/fulldisclosure/2013/May/208http://secunia.com/advisories/53556https://exchange.xforce.ibmcloud.com/vulnerabilities/84630http://www.openwall.com/lists/oss-security/2013/05/29/9http://www.securityfocus.com/bid/60209