PT-2015-6948 · Drupal · Drupal
Sam Becker
·
Publicado
2015-08-18
·
Atualizado
2016-11-28
·
CVE-2015-5496
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Drupal pass2pdf module (affected versions not specified)
Description
The issue concerns the pass2pdf module for Drupal, where it fails to restrict access to generated PDF files. This allows remote attackers to obtain user passwords through unspecified means.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Drupal