CVE-2013-0245

2013-07-16T18:55:00
ID CVE-2013-0245
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:33:00

Description

The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x before 7.19 does not properly restrict access to node that are part of a book outline, which allows remote authenticated users with the "access printer-friendly version" permission to read node titles and possibly node content via unspecified vectors.