CVE-2013-0245

NONECVSS 0.0

0.0

The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x before 7.19 does not properly restrict access to node that are part of a book outline, which allows remote authenticated users with the "access printer-friendly version" permission to read node titles and possibly node content via unspecified vectors.

🔗 References (16)

secalert@redhathttp://osvdb.org/89305
secalert@redhathttp://packetstormsecurity.com/files/119598/Drupal-Core-6.x-7.x-Cross-Site-Scripting-Access-Bypass.html
secalert@redhathttp://seclists.org/fulldisclosure/2013/Jan/120
secalert@redhathttp://seclists.org/oss-sec/2013/q1/211
secalert@redhathttp://secunia.com/advisories/51717
secalert@redhathttp://www.debian.org/security/2013/dsa-2776
secalert@redhathttps://drupal.org/SA-CORE-2013-001
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/81380
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/89305
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/119598/Drupal-Core-6.x-7.x-Cross-Site-Scripting-Access-Bypass.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2013/Jan/120
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2013/q1/211
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51717
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2776
af854a3a-2127-422b-91ae-364da2661108https://drupal.org/SA-CORE-2013-001

Is Your Infrastructure Affected by CVE-2013-0245?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-0245

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-0245?