6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
6.3 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
61.1%
The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node restrictions, which allows (1) remote authenticated users with the “view shortcuts” permission to read nodes or (2) remote authenticated users with the “admin shortcuts” permission to read, edit, or delete nodes via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
zugec_ivan:keyboard_shortcut_utility | zugec ivan keyboard shortcut utility | eq | 7.x-1.0 |