Search...

Drupal Webform Template模块安全绕过漏洞

2014-03-14T00:00:00

ID SSV:61804
Type seebug
Reporter Root
Modified 2014-03-14T00:00:00

Description

Drupal是一套开放源码的内容管理平台。

该漏洞是由于当显示可能的节点来复制网页表单的配置文件时，应用程序没有正确验证权限, 攻击者可以利用漏洞泄漏其他受限制接点的某些信息。 0 Drupal Webform Template Module 7.x Drupal Webform Template Module 7.x-1.3版本以修复此漏洞，建议用户下载使用：

https://drupal.org/node/2216607

JSON Vulners Source

Initial Source

{"href": "https://www.seebug.org/vuldb/ssvid-61804", "status": "details", "history": [], "bulletinFamily": "exploit", "modified": "2014-03-14T00:00:00", "title": "Drupal Webform Template\u6a21\u5757\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "", "cvelist": [], "description": "Drupal\u662f\u4e00\u5957\u5f00\u653e\u6e90\u7801\u7684\u5185\u5bb9\u7ba1\u7406\u5e73\u53f0\u3002\r\n\r\n\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u5f53\u663e\u793a\u53ef\u80fd\u7684\u8282\u70b9\u6765\u590d\u5236\u7f51\u9875\u8868\u5355\u7684\u914d\u7f6e\u6587\u4ef6\u65f6\uff0c\u5e94\u7528\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u9a8c\u8bc1\u6743\u9650, \u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u6cc4\u6f0f\u5176\u4ed6\u53d7\u9650\u5236\u63a5\u70b9\u7684\u67d0\u4e9b\u4fe1\u606f\u3002\n0\nDrupal Webform Template Module 7.x\nDrupal Webform Template Module 7.x-1.3\u7248\u672c\u4ee5\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\n\r\nhttps://drupal.org/node/2216607", "viewCount": 2, "published": "2014-03-14T00:00:00", "sourceData": "", "id": "SSV:61804", "enchantments_done": [], "_object_type": "robots.models.seebug.SeebugBulletin", "type": "seebug", "lastseen": "2017-11-19T17:31:02", "reporter": "Root", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2017-11-19T17:31:02"}, "vulnersScore": 5.0}, "objectVersion": "1.4", "references": []}