4 matches found
Drupal 'Views' Module Access Bypass Vulnerability (SA-CORE-2016-002) - Linux
Drupal is prone to an access bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...
CVE-2016-6212
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors...
CVE-2016-6212
The CVE-2016-6212 entry concerns Drupal’s Views module (7.x-3.x before 7.x-3.14 and 8.x before 8.1.3) where remote authenticated users could bypass normal access restrictions and obtain sensitive Statistics information via unspecified vectors. The vulnerability arises in the Views module’s handli...
Views - Less Critical - Access Bypass - SA-CONTRIB-2016-036
An access bypass vulnerability exists in the Views module, where users without the "View content count" permission can see the number of hits collected by the Statistics module for results in the view. This issue is mitigated by the fact that the view must be configured to show a "Content...