Description
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
Remediation
References
Related Vulnerabilities
Contao Incorrect Default Permissions Vulnerability (CVE-2019-19712)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3641)
WordPress Plugin Form Builder CP Cross-Site Scripting (1.2.14)
WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (4.0.7)
Oracle Application Server CVE-2007-5518 Vulnerability (CVE-2007-5518)