Drupal User Read-Only Module Access Security Bypass Vulnerability

The User Read-Only module for Drupal is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized access; this may aid in launching further attacks.

User Read-Only 6.x-1.x versions prior to 6.x-1.4 and 7.x-1.x versions prior to 7.x-1.4 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus