QwikSec

Security Database

CVE

CWE

Training

CVE-2015-5490

Published: Aug 18, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to hidden content via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.drupal.org/node/2480327

x_refsource_MISC

https://www.drupal.org/node/2480259

x_refsource_CONFIRM

https://www.drupal.org/node/2475669

x_refsource_MISC

vdb-entry

x_refsource_BID

[oss-security] 20150704 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131)

mailing-list

x_refsource_MLIST

http://cgit.drupalcode.org/views/commit/?id=cef693b

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.