Drupal Open Omega模块访问绕过漏洞

Bugtraq ID:65822 Drupal是一套开放源码的内容管理平台。 当构建header和footer菜单时Drupal Open Omega不充分检查用户菜单访问，允许攻击者利用漏洞获取受限项的标题和路径信息。 0 Drupal Open Omega 7.x 厂商补丁： Drupal ----- Drupal Open Omega 7.x-1.1已经修复该漏洞，建议用户下载更新： http://drupal.org/project/openomega...

SA-CONTRIB-2014-025 - Open Omega - Access Bypass

This theme is a sub theme of omega used as as a sample theme for the open Public Distribution. The theme doesn't sufficiently check the users menu access when building the header and footer menus, so that it can expose the title and path of restricted items in the menu. This vulnerability is...