Drupal Core Access Bypass Vulnerability

Drupal is prone to an access bypass vulnerability because it fails to properly validate required user access permissions when viewing nodes.

An attacker can exploit this issue to bypass certain security restrictions and gain access to sensitive areas of application, thus perform unauthorized actions; this may aid in launching further attacks.

Drupal versions 7.x through 7.12 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus