Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The MultiLink module 6.x-2.x before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal does not properly check node permissions when generating an in-content link, which allows remote authenticated users with text-editing permissions to read arbitrary node titles via a generated link.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Multi-Language Link and Redirect模块安全绕过漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal中的MultiLink模块6.x-2.7之前的6.x-2.x版本和7.x-2.7之前的7.x-2.x版本中存在漏洞,该漏洞源于生成内容内链接时,程序没有正确验证节点权限。远程认证攻击者可通过生成的链接利用该漏洞以文本编辑权限读取任意节点标题。
CVSS Information
N/A
Vulnerability Type
N/A