Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Drupal Permissions Privileges and Access Controls Vulnerability - CVE-2014-1476 - Vulnerability Database
Drupal

Drupal Permissions Privileges and Access Controls Vulnerability - CVE-2014-1476

Medium
Reference: CVE-2014-1476
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-1476
Title: Drupal Permissions Privileges and Access Controls Vulnerability
Overview:

The Taxonomy module in Drupal 7.x before 7.26 when upgraded from an earlier version of Drupal does not properly restrict access to unpublished content which allows remote authenticated users to obtain sensitive information via a listing page.