The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2016/07/13/4 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/07/13/7 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/91230 | |
https://www.drupal.org/SA-CORE-2016-002 | Vendor Advisory |
https://www.drupal.org/node/2749333 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2016-09-09 14:05
Updated : 2024-02-04 18:53
NVD link : CVE-2016-6212
Mitre link : CVE-2016-6212
CVE.ORG link : CVE-2016-6212
JSON object : View
Products Affected
drupal
- drupal
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor