Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attackers to modify the content via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Node Access User Reference模块访问绕过漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。Node Access User Reference是其中的一个节点接入用户参考模块。 Drupal平台下的Node access user reference模块中存在安全漏洞。当启用了作者更新/删除授权且作者用户账号被删除的情况下,程序没有正确地限制对包含用户引用字段内容的访问。远程攻击者可利用该漏洞修改内容。以下版本受到影响:Node access user reference模块6.x-3.5之前的6.x-3.x
CVSS Information
N/A
Vulnerability Type
N/A