Description

The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.

Remediation

References

CVE-2016-6212

Related Vulnerabilities

WordPress Plugin Yet Another Photoblog Unspecified Vulnerability (1.10.6)

WordPress 5.1.x Directory Traversal (5.1 - 5.1.18)

WordPress Plugin GeoDirectory Location Manager Multiple SQL Injection Vulnerabilities (2.1.0.9)

WordPress Plugin PayGreen-Ancienne version Cross-Site Request Forgery (4.10.2)

Skipper Incorrect Authorization Vulnerability (CVE-2022-34296)

Severity

Medium

Classification

CVE-2016-6212 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities