Description
Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.
Remediation
References
Related Vulnerabilities
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3663)
Moodle Resource Management Errors Vulnerability (CVE-2015-0217)
WordPress Plugin JSON Content Importer Cross-Site Scripting (1.3.15)
Claroline Other Vulnerability (CVE-2006-2284)
Jenkins Improper Input Validation Vulnerability (CVE-2016-0792)