CVE-2007-3690 Information

Feb 14, 2021 cve

Description

The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups (2) Taxonomy Access Control (3) Taxonomy Access Lite and other unspecified node access modules via modified URL arguments.

Reference

http://drupal.org/node/152806 http://drupal.org/node/158022 http://drupal.org/node/158025 http://osvdb.org/37896 http://secunia.com/advisories/25999 http://www.securityfocus.com/bid/24862 http://www.vupen.com/english/advisories/2007/2469 https://exchange.xforce.ibmcloud.com/vulnerabilities/35318 forward-url-security-bypass(35318)

Share on: