Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node restrictions, which allows (1) remote authenticated users with the "view shortcuts" permission to read nodes or (2) remote authenticated users with the "admin shortcuts" permission to read, edit, or delete nodes via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Keyboard Shortcut Utility模块安全绕过漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal平台下的Keyboard Shortcut Utility模块7.x-1.1之前的7.x-1.x版本中存在漏洞。该漏洞源于程序没有正确地检查节点限制。通过未明向量,(1)具备“查看快捷方式”权限的远程认证攻击者可利用该漏洞读取节点,或(2)具备“管理员快捷方式”权限的远程认证攻击者可利用该漏洞读取、编辑或删除节点。
CVSS Information
N/A
Vulnerability Type
N/A