CVE-2010-2352
CVE-2010-2352 affects the Drupal Content Construction Kit (CCK) Node Reference module. The Node Reference feature in CCK 5.x (before 5.x-1.11) and 6.x (before 6.x-2.7) fails to perform access checks when displaying referenced nodes, enabling remote attackers to read nodes they should not access. ...