Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The autocomplete callback in Autocomplete Widgets for Text and Number Fields (autocomplete_widgets) module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.0-rc1 does not properly handle node permissions, which allows remote authenticated users to obtain sensitive field values via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Autocomplete Widgets for Text and Number Fields 安全漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。Autocomplete Widgets for Text and Number Fields(autocomplete_widgets)是其中的一个自动填充文字和数字字段的模块。 Drupal autocomplete_widgets模块6.x-1.4之前的6.x-1.x版本和7.x-1.0-rc1之前的7.x-1.x版本中的自动完成回调实现过程中存在安全漏洞,该漏洞源于程序没有正确处理节点权限。远程攻击者可利用该漏洞
CVSS Information
N/A
Vulnerability Type
N/A