Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to hidden content via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Views模块权限许可和访问控制漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。Views是其中的一个视图模块。 Drupal Views模块7.x-3.10之前7.x-3.5版本的includes/cache.inc文件中的‘_views_fetch_data’方法存在安全漏洞,该漏洞源于静态缓存不为空时程序不会重建完整的缓存。远程攻击者可利用该漏洞绕过既定的过滤器,获取隐藏内容的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A