CVE-2013-4445 in Contextthông tin

Tóm tắt

Bởi MITRE

The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal s token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leveraging the token from a block to which the user has access.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Đặt trước

12/06/2013

Tiết lộ

07/12/2013

Kiểm duyệt

được chấp nhận

mục

VDB-65659

EPSS

0.01569

KEV

không

Các hoạt động

rất thấp

Nguồn

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!