drupal-cck

2010-08-10

Page content

Author: Miklos Vajna
Vulnerable: 5.x_1.10-1
Unaffected: 5.x_1.12-1locris1

A vulnerability has been reported in the Drupal Content Construction Kit, which can be exploited by malicious users to disclose sensitive information. The vulnerability in the CCK “Node Reference” module is caused due to improper validation of access levels, which can be exploited to gain view access to controlled nodes.

Bug Tracker URL: http://bugs.frugalware.org/task/4242

CVEs:

No CVE, see http://drupal.org/node/829566.