CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
80.0%
Protected Pages modules allows the administrator to secure any page in your website by password by configuring a add path and the associated password.
The module did not sufficiently protect variations on the protected path.
Drupal core is not affected. If you do not use the contributed Protected Pages module,
there is nothing you need to do.
Install the latest version:
Also see the Protected Pages project page.
twitter.com/drupalsecurity
www.drupal.org/contact
www.drupal.org/node/2353451
www.drupal.org/project/protected_pages
www.drupal.org/security-team
www.drupal.org/security-team/risk-levels
www.drupal.org/security/secure-configuration
www.drupal.org/user/102818
www.drupal.org/user/168948
www.drupal.org/user/36762
www.drupal.org/user/77861
www.drupal.org/writing-secure-code