PT-2013-4984 · Drupal · Make Meeting Scheduler Module
Forest Monsen
·
Publicado
2013-10-09
·
Atualizado
2013-10-10
·
CVE-2013-4379
CVSS v2.0
6.4
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Make Meeting Scheduler module versions 6.x-1.x before 6.x-1.3
Description
The issue allows remote attackers to bypass intended access restrictions for a poll by making a direct request to the node's URL instead of the hashed URL.
Recommendations
For Make Meeting Scheduler module versions 6.x-1.x before 6.x-1.3, update to version 6.x-1.3 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Make Meeting Scheduler Module