CVE-2015-3231
Currently unrated 🤨
Summary
The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.
Refferences
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
http://www.debian.org/security/2015/dsa-3291
vendor-advisoryx_refsource_DEBIAN
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
https://www.drupal.org/SA-CORE-2015-002
x_refsource_CONFIRM
http://www.securityfocus.com/bid/75286
vdb-entryx_refsource_BID
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database