RSS   Vulnerabilities for 'Location'   RSS

2012-10-31
 
CVE-2012-4488

CWE-264
 

 
The Location module 6.x before 6.x-3.2 and 7.x before 7.x-3.0-alpha1 for Drupal does not properly check user or node access permissions, which allows remote attackers to read node or user results via the location search page.

 


Copyright 2024, cxsecurity.com

 

Back to Top