← voltar
CVE-2012-1056

CVE-2012-1056

EPSS 1.5%
The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://drupal.org/node/1423722http://drupal.org/node/1425150http://osvdb.org/78817http://secunia.com/advisories/47851https://exchange.xforce.ibmcloud.com/vulnerabilities/72920http://www.securityfocus.com/bid/51826