Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-9449 - Vulnerability Database
Drupal

Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2016-9449

Medium
Reference: CVE-2016-9449
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-9449
Title: Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags.