Rik De Boer » Revisioning : Security Vulnerabilities, CVEs, CVSS score >= 6

CVE-2012-1635

The hook_node_access function in the revisioning module 7.x-1.x before 7.x-1.3 for Drupal checks the permissions of the current user even when it is called to check permissions of other users, which allows remote attackers to bypass intended access restrictions, as demonstrated when using the XML sitemap module to obtain sensitive information about unpublished content.
Max CVSS
6.4
EPSS Score
0.17%
Published
2012-08-28
Updated
2012-08-29
1 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close