PT-2009-6010 · Drupal · Filefield
Name of the Vulnerable Software and Affected Versions: FileField versions 6.x-3.1 Description: The issue concerns the filefield file download function, which does not properly check node-access permissions for Drupal core private files. This allows remote attackers to access unauthorized files vi...