Drupal » Drupal : Security Vulnerabilities, CVEs, Published In 2015 (Information Leak) CVSS score >= 1
Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu.
Max CVSS
5.0
EPSS Score
0.73%
Published
2015-08-24
Updated
2016-12-24
The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.
Max CVSS
4.0
EPSS Score
0.23%
Published
2015-06-22
Updated
2016-12-03
2 vulnerabilities found