CVE-2013-4445 in ContextИнформация

Сводка

по MITRE

The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal s token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leveraging the token from a block to which the user has access.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Резервировать

12.06.2013

Раскрытие

07.12.2013

Модерация

принято

Вход

VDB-65659

EPSS

0.01569

KEV

Нет

Деятельности

Очень низкий

Источники

Want to know what is going to be exploited?

We predict KEV entries!