First published: Thu Dec 31 2009(Updated: )
The Storm module 6.x before 6.x-1.25 for Drupal does not enforce privilege requirements for storminvoiceitem nodes, which allows remote attackers to read node titles via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Speedtech Storm | =6.x-1.0 | |
Speedtech Storm | =6.x-1.1 | |
Speedtech Storm | =6.x-1.2 | |
Speedtech Storm | =6.x-1.3 | |
Speedtech Storm | =6.x-1.4 | |
Speedtech Storm | =6.x-1.5 | |
Speedtech Storm | =6.x-1.6 | |
Speedtech Storm | =6.x-1.7 | |
Speedtech Storm | =6.x-1.8 | |
Speedtech Storm | =6.x-1.9 | |
Speedtech Storm | =6.x-1.10 | |
Speedtech Storm | =6.x-1.11 | |
Speedtech Storm | =6.x-1.12 | |
Speedtech Storm | =6.x-1.13 | |
Speedtech Storm | =6.x-1.14 | |
Speedtech Storm | =6.x-1.15 | |
Speedtech Storm | =6.x-1.16 | |
Speedtech Storm | =6.x-1.17 | |
Speedtech Storm | =6.x-1.18 | |
Speedtech Storm | =6.x-1.19 | |
Speedtech Storm | =6.x-1.20 | |
Speedtech Storm | =6.x-1.21 | |
Speedtech Storm | =6.x-1.22 | |
Speedtech Storm | =6.x-1.23 | |
Speedtech Storm | =6.x-1.24 | |
Speedtech Storm | =6.x-1.x-dev | |
Drupal Drupal |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.