Description
Drupal 6.x before 6.27 and 7.x before 7.18 displays information for blocked users, which might allow remote attackers to obtain sensitive information by reading the search results.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Checkout For Digital Goods Cross-Site Request Forgery (2.2)
MySQL CVE-2014-0384 Vulnerability (CVE-2014-0384)
Joomla Improper Input Validation Vulnerability (CVE-2020-11890)
Internet Information Services Other Vulnerability (CVE-2001-0004)
XOOPS Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4851)