The validation functionality in the core upload module in Drupal 6.x prior to 6.5 allows remote authenticated users to bypass intended access restrictions and "attach files to content," related to a "logic error."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal 6.1 |
||
drupal drupal 6.2 |
||
drupal drupal 6.0 |
||
drupal drupal 6.3 |
||
drupal drupal |