PT-2012-3413 · Drupal · Cool Aid
Published
2012-09-09
·
Updated
2017-08-29
·
CVE-2012-1649
CVSS v2.0
4.9
Medium
| Vector | AV:N/AC:M/Au:S/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Cool Aid module versions prior to 6.x-1.9 for Drupal
Description
The issue concerns the Cool Aid module for Drupal, where access restrictions are not properly enforced. This allows remote authenticated users with the
administer coolaid permission to modify arbitrary pages.Recommendations
For Cool Aid module versions prior to 6.x-1.9, update to version 6.x-1.9 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cool Aid