← volver
CVE-2015-2559

CVE-2015-2559

EPSS 1.6%
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.drupal.org/SA-CORE-2015-001http://www.debian.org/security/2015/dsa-3200http://www.securityfocus.com/bid/73219