CVE-2013-4445 in Contextinformation

Résumé

par MITRE

The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal s token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leveraging the token from a block to which the user has access.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Réserver

12/06/2013

Divulgation

07/12/2013

Modérer

accepté

Entrée

VDB-65659

CPE

prêt

EPSS

0.01569

KEV

non

Activités

très faible

Sources

Do you know our Splunk app?

Download it now for free!