CVE-2024-13246

Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows Target Influence via Framing.This issue affects Node Access Rebuild Progressive: from 0.0.0 before 2.0.2.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.drupal.org/sa-contrib-2024-010	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:node_access_rebuild_progressive_project:node_access_rebuild_progressive:*:*:*:*:*:drupal:*:*

History

04 Jun 2025, 15:18

Type	Values Removed	Values Added
First Time		Node Access Rebuild Progressive Project node Access Rebuild Progressive Node Access Rebuild Progressive Project
References	~~() https://www.drupal.org/sa-contrib-2024-010 -~~	() https://www.drupal.org/sa-contrib-2024-010 - Vendor Advisory
CPE		cpe:2.3:a:node_access_rebuild_progressive_project:node_access_rebuild_progressive::::::drupal::*
CWE		NVD-CWE-Other

10 Jan 2025, 20:15

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de administración de propiedad incorrecta en Drupal Node Access Rebuild Progressive permite la influencia del objetivo a través de encuadre. Este problema afecta a Node Access Rebuild Progressive: desde 0.0.0 antes de 2.0.2.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3

09 Jan 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-09 19:15

Updated : 2025-06-04 15:18

NVD link : CVE-2024-13246

Mitre link : CVE-2024-13246

CVE.ORG link : CVE-2024-13246

JSON object : View

Products Affected

node_access_rebuild_progressive_project

node_access_rebuild_progressive

CWE

CWE-282

Improper Ownership Management

NVD-CWE-Other

5.3 /10