me aliases - Moderately Critical - Access Bypass - SA-CONTRIB-2015-128
'me aliases' module provides shortcut paths to current user's pages, eg user/me, blog/me, user/me/edit, tracker/me etc. The view user argument handler for the 'me' module has an access bypass vulnerability where it does not check the supplied argument against the current user. This allows any use...