Back to search
CVE-2007-1368
Published: Mar 9, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4.7.x-2.3, and 5 before 5.x-0.2-beta for Drupal allows remote authenticated users, with "access project issues" permission, to read the contents of a private node via a URL with a modified node identifier.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
22867
vdb-entry
x_refsource_BID
ADV-2007-0873
vdb-entry
x_refsource_VUPEN
http://drupal.org/node/125832
x_refsource_CONFIRM
projectissuetracking-node-security-bypass(32871)
vdb-entry
x_refsource_XF
33913
vdb-entry
x_refsource_OSVDB
http://drupal.org/node/125833
x_refsource_CONFIRM
24409
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now