CVE-2007-3690

Sažetak

The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.

Reference

http://drupal.org/node/152806
http://drupal.org/node/158022
http://drupal.org/node/158025
http://osvdb.org/37896
http://secunia.com/advisories/25999
http://www.securityfocus.com/bid/24862
http://www.vupen.com/english/advisories/2007/2469
https://exchange.xforce.ibmcloud.com/vulnerabilities/35318

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

29-07-2017 - 01:32

Objavljeno

11-07-2007 - 17:30