Description

An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.

Remediation

References

CVE-2011-2726

Related Vulnerabilities

WordPress Plugin BLUE ORIGAMI CRM (Formerly Application Maker/APM-CRM edition) Cross-Site Scripting (1.5.15)

WordPress Plugin Side Menu Lite-add sticky fixed buttons SQL Injection (2.2.5)

ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0607)

WordPress Plugin More Fields Cross-Site Request Forgery (2.1)

WordPress Plugin Manage and respond to conversations with leads-HappyForms PHP Object Injection (1.0.0)

Severity

High

Classification

CVE-2011-2726 CWE-863 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities