Drupal Node Embed Module Access Security Bypass Vulnerability UPDATED

Summary

The Node Embed module for Drupal is prone to a security-bypass vulnerability.

Credit:

The original article can be found at: http://www.securityfocus.com/bid/53835
The information has been provided by Paul Aumer-Ryan.


Details

Vulnerable Systems:
 * Drupal Node Embed 7.x-1.x

An attacker can exploit this issue to bypass certain security restrictions and view node titles; this may aid in launching further attacks.

Vendor Status:
Vendor as issued an updated vulnerability.

Patch Availability:
http://drupal.org/node/1619824

CVE Information:
CVE-2012-2722

Disclosure Timeline:
Published:May 30 2012
Updated:Aug 07 2012

Categories: News