CVE-2016-6212 – drupal/core

Package

Manager: composer
Name: drupal/core
Vulnerable Version: >=8.0 <8.1.3

Severity

Level: Medium

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00348 pctl0.56639

Details

Drupal Views can allow unauthorized users to see Statistics information The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.

Metadata

Created: 2022-05-17T03:39:45Z
Modified: 2024-04-23T17:18:11Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rfxx-gxwc-923c/GHSA-rfxx-gxwc-923c.json
CWE IDs: ["CWE-200"]
Alternative ID: GHSA-rfxx-gxwc-923c
Finding: F038
Auto approve: 1