3 matches found
Drupal Monster Menus module < 9.3.2 - Unauthenticated Multiple Vulnerabilities
Unauthenticated Multiple Vulnerabilities discovered by Dan Wilga in WordPress Module Monster Menus versions 9.3.2...
SA-CONTRIB-2013-086 - Monster Menus - Access bypass
Monster Menus includes the ability to protect the visibility of comments for each node based on hierarchical permissions. However, a carefully-crafted URL could be used to bypass these permissions, allowing an anonymous user to view the comments associated with certain nodes. In order for this fl...
SA-CONTRIB-2013-066 - Monster Menus - Multiple Vulnerabilities
Monster Menus enables you to create granular page permissions, and apply them to a hierarchical page structure. The mmwebform submodule enables you to assign permissions derived from Monster Menus to webform forms. The module doesn't sufficiently filter titles entered into page settings and echoe...