The Forward module 6.x-1.x prior to 6.x-1.21 and 7.x-1.x prior to 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote malicious users to obtain node titles via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sean_robertson forward 6.x-1.14 |
||
sean_robertson forward 6.x-1.13 |
||
sean_robertson forward 6.x-1.7 |
||
sean_robertson forward 6.x-1.6 |
||
sean_robertson forward 6.x-1.20 |
||
sean_robertson forward 6.x-1.19 |
||
sean_robertson forward 6.x-1.3 |
||
sean_robertson forward 6.x-1.16 |
||
sean_robertson forward 6.x-1.15 |
||
sean_robertson forward 6.x-1.9 |
||
sean_robertson forward 6.x-1.8 |
||
sean_robertson forward 6.x-1.x-dev |
||
sean_robertson forward 6.x-1.12 |
||
sean_robertson forward 6.x-1.5 |
||
sean_robertson forward 6.x-1.4 |
||
sean_robertson forward 6.x-1.18 |
||
sean_robertson forward 6.x-1.17 |
||
sean_robertson forward 6.x-1.11 |
||
sean_robertson forward 6.x-1.10 |
||
sean_robertson forward 6.x-1.2 |
||
sean_robertson forward 6.x-1.1 |
||
sean_robertson forward 6.x-1.0 |
||
sean_robertson forward 7.x-1.0 |
||
sean_robertson forward 7.x-1.2 |
||
sean_robertson forward 7.x-1.1 |
||
sean_robertson forward 7.x-1.x-dev |