CVE-2015-3231

Name of the Vulnerable Software and Affected Versions Drupal versions prior to 7.38

Description The issue allows remote authenticated users to obtain private content viewed by other users by reading the cache, specifically when the Render cache system is used to cache content by user role. This could potentially lead to unauthorized access to sensitive information.

Recommendations For versions prior to 7.38, update to version 7.38 or later to resolve the issue. As a temporary workaround, consider disabling the Render cache system for user role-based caching until a patch is available. Restrict access to the cache to minimize the risk of exploitation.