Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Smartqueue_og module 5.x before 5.x-1.3 and 6.x before 6.x-1.0-rc3, a module for Drupal, does not verify group-node privileges in certain circumstances involving subqueue creation, which allows remote authenticated users to discover arbitrary organic group names by reading confirmation messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Smartqueue OG模块安全许可和信息泄露漏洞
Vulnerability Description
Drupal Smartqueue_og模块5.x-1.3之前的5.x版本和6.x-1.0-rc3之前的6.x版本没有在涉及创建子队列的特定环境中校验群-节点特权,这使得远程认证用户可以通过读取确认信息,发现任意的有组织的群名称。
CVSS Information
N/A
Vulnerability Type
N/A