Drupal Permissions Privileges and Access Controls Vulnerability - CVE-2013-0245

The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x before 7.19 does not properly restrict access to node that are part of a book outline which allows remote authenticated users with the quotaccess printer-friendly versionquot permission to read node titles and possibly node content via unspecified vectors.