Lucene search
MitreCVE-2007-3690HistoryJul 11, 2007 - 5:30 p.m.
CVE-2007-3690
2007-07-1117:30:00
mitre
web.nvd.nist.gov
25
drupal
forward module
remote attackers
restricted posts
nvd
cve-2007-3690
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.01
Percentile
83.7%
The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.
Affected configurations
Node
drupalforward_moduleRange≤4.7
ORdrupalforward_moduleRange≤5.x-1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| drupal | forward_module | * | cpe:2.3:a:drupal:forward_module:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2007-3690
2007-07-11 17:00:00
nvd
nvd
CVE-2007-3690
2007-07-11 17:30:00
prion
prion
Design/Logic Flaw
2007-07-11 17:30:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.01
Percentile
83.7%
Related for CVE-2007-3690