Drupal Restrict Node Page View Module Security Bypass Vulnerability

Summary

The Restrict node page view module for Drupal is prone to a security-bypass vulnerability. .

Credit:

The original article can be found at: http://www.securityfocus.com/bid/54407.
The information has been provided by Jake Bell. .


Details

Vulnerable Systems:
 * Drupal Restrict Node Page View Module Security Bypass Vulnerability

Attackers can exploit this issue to bypass security restrictions to obtain sensitive information; this may aid in launching further attacks.Versions prior to Restrict node page view 7.x-1.2 are vulnerable.

Vendor Status:
Currently we are not aware of any vendor-supplied patches

Disclosure Timeline:
Initial Release: Jul 12 2012

Categories: News