CVE-2011-2687

Drupal 7.x before 7.3 allows remote attackers to bypass intended nodeaccess restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table...

CVE-2011-2687

Drupal 7.x before 7.3 is vulnerable to an access-control bypass due to a listing query that shows nodes but omits a JOIN to the node table. This allows remote attackers to bypass node_access restrictions. Described impacts are consistent with partial confidentiality, integrity, and availability e...

CVE-2011-2687

Removed by vendor...

Fedora Update for drupal7 FEDORA-2011-8879

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

SA-CORE-2011-001 - Drupal core - Multiple vulnerabilities

CVE: CVE-2011-2687 Multiple vulnerabilities and weaknesses were discovered in Drupal. Reflected cross site scripting vulnerability in error handler A reflected cross site scripting vulnerability was discovered in Drupal's error handler. Drupal displays PHP errors in the messages area, and a...