The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x before 6.x-2.7 for Drupal does not perform access checks before displaying referenced nodes, which allows remote attackers to read controlled nodes.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2010-06-21 19:30
Updated : 2024-02-04 17:54
NVD link : CVE-2010-2352
Mitre link : CVE-2010-2352
CVE.ORG link : CVE-2010-2352
JSON object : View
Products Affected
yves_chedemois
- cck
karen_stevenson
- cck
drupal
- drupal
CWE
CWE-20
Improper Input Validation