drupal6-imagefield

2010-05-17

Page content

Author: Miklos Vajna
Vulnerable: 6.x_3.2-1
Unaffected: 6.x_3.3-1locris1

A security issue has been reported in the ImageField module for Drupal, which can be exploited by malicious people to disclose potentially sensitive information. The security issue exists due to improper access permission checks for thumbnails of restricted images when the Private Downloads setting is used and can be exploited to view the thumbnail.

Bug Tracker URL: http://bugs.frugalware.org/task/4208

CVEs:

No CVE references, see http://drupal.org/node/791054