Drupal LoginToboggan Module Unauthorized Access Vulnerability

The Drupal LoginToboggan module is prone to an unauthorized-access vulnerability because it fails to adequately limit access to blocked users in certain circumstances.

An attacker can exploit this vulnerability to gain unauthorized access to the application; other attacks may also possible.

Versions prior to LoginToboggan 6.x-1.5 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus