CVE-2015-3231

CVE-2015-3231

EPSS 1.7%

The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html https://www.drupal.org/SA-CORE-2015-002 http://www.debian.org/security/2015/dsa-3291 http://www.securityfocus.com/bid/75286