← volver
CVE-2013-2123

CVE-2013-2123

EPSS 1.3%
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attackers to modify the content via unspecified vectors.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://drupal.org/node/2007072https://drupal.org/node/2007078https://drupal.org/node/2007122http://www.openwall.com/lists/oss-security/2013/05/29/9