SQL Injection Vulnerability in Drupal 6.x Products by Drupal
CVE-2011-2715
9.8CRITICAL
What is CVE-2011-2715?
An SQL Injection vulnerability has been identified in Drupal 6.20 and Data 6.x-1.0-alpha14, stemming from inadequate sanitization of table names and column names. This flaw could allow attackers to manipulate database queries for unauthorized access and potential data exposure. Implementing proper validation and sanitization methods is essential to mitigate this security risk.
Affected Version(s)
Data-module 6.x-1.0-alpha14