Description
Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Private Content Plus Security Bypass (1.31)
Apache HTTP Server Improper Handling of Case Sensitivity Vulnerability (CVE-2001-0766)
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
WordPress Plugin 123devis-affiliation Cross-Site Scripting (1.0.4)