Design/Logic Flaw

2007-07-1117:30:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.7%

JSON

The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.

CPENameOperatorVersion
print_moduleeq<= 5.x-1.1
print_modulele4.7

CPE	Name	Operator	Version
	print_module	eq	<= 5.x-1.1
	print_module	le	4.7

References

osvdb.org/37897

secunia.com/advisories/25978

www.securityfocus.com/bid/24862

www.vupen.com/english/advisories/2007/2470

drupal.org/node/152804

drupal.org/node/158029

drupal.org/node/158032

exchange.xforce.ibmcloud.com/vulnerabilities/35314