The comment module in Drupal 5.x prior to 5.23 and 6.x prior to 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an "unpublishing bypass" issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal 5.4 |
||
drupal drupal 5.5 |
||
drupal drupal 5.6 |
||
drupal drupal 5.7 |
||
drupal drupal 5.20 |
||
drupal drupal 5.21 |
||
drupal drupal 5.22 |
||
drupal drupal 5.0 |
||
drupal drupal 5.12 |
||
drupal drupal 5.13 |
||
drupal drupal 5.14 |
||
drupal drupal 5.15 |
||
drupal drupal 5.1 |
||
drupal drupal 5.3 |
||
drupal drupal 5.8 |
||
drupal drupal 5.10 |
||
drupal drupal 5.17 |
||
drupal drupal 5.19 |
||
drupal drupal 5.2 |
||
drupal drupal 5.9 |
||
drupal drupal 5.11 |
||
drupal drupal 5.16 |
||
drupal drupal 5.18 |
||
drupal drupal 6.4 |
||
drupal drupal 6.5 |
||
drupal drupal 6.6 |
||
drupal drupal 6.7 |
||
drupal drupal 6.0 |
||
drupal drupal 6.12 |
||
drupal drupal 6.13 |
||
drupal drupal 6.14 |
||
drupal drupal 6.15 |
||
drupal drupal 6.16 |
||
drupal drupal 6.2 |
||
drupal drupal 6.9 |
||
drupal drupal 6.11 |
||
drupal drupal 6.1 |
||
drupal drupal 6.3 |
||
drupal drupal 6.8 |
||
drupal drupal 6.10 |
||
drupal drupal 6.17 |