Description

The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.

Remediation

References

CVE-2016-6212

Related Vulnerabilities

Sqlite CVE-2021-20223 Vulnerability (CVE-2021-20223)

WordPress Plugin RapidLoad Power-Up for Autoptimize SQL Injection (1.6.35)

ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7366)

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-26690)

phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3055)

Severity

Medium

Classification

CVE-2016-6212 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities