CVE-2009-2077

Name of the Vulnerable Software and Affected Versions Drupal 6.x versions prior to 6.x-2.6

Description The issue allows remote authenticated users to bypass access restrictions. This enables them to read unpublished content from anonymous users when a view is already configured to display the content. Additionally, it allows them to read private content in generated queries.

Recommendations For versions prior to 6.x-2.6, update to version 6.x-2.6 or later to resolve the issue.