Drupal : Security Vulnerabilities, CVEs, Published In September 2016 CVSS score >= 5
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
Max CVSS
5.3
EPSS Score
0.40%
Published
2016-09-09
Updated
2016-11-28
The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form.
Max CVSS
8.8
EPSS Score
0.21%
Published
2016-09-09
Updated
2016-11-28
2 vulnerabilities found