SA-CONTRIB-2014-066 - Node Access Keys - Access Bypass

Node Access Keys helps to grant users temporary view permissions to selected content types on a per user role basis. It was found that unpublished nodes of content types that that did not have an access key were visible to all. Also, If an unpublished node of a content type that was protected by ...

Authentication flaw

The Node Access Keys module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote attackers to bypass access restrictions via a node listing...

CVE-2013-4596

The CVE-2013-4596 entry concerns Drupal’s Node Access Keys module (7.x-1.x) prior to 7.x-1.1. The vulnerability arises from insufficient permission checks, allowing remote attackers to bypass access restrictions via a node listing. Affected version: Node Access Keys 7.x-1.0 (Drupal 7). The issue ...

CVE-2013-4596

The Node Access Keys module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote attackers to bypass access restrictions via a node listing...

SA-CONTRIB-2013-089 - Node Access Keys - Access Bypass

Node Access Keys helps to grant users temporary view permissions to selected content types on a per user role basis. However, it only implements hooknodeaccess and not hookqueryalter, which means any listing of nodes does not respect the node view access. CVE identifiers issued CVE-2013-4596...