CVE-2013-2122

EPSS 0.59%
Veröffentlicht 16.07.2013 18:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Quade ≫ Edit Limit Version7.x-1.0

Drupal ≫ Drupal Version-

Quade ≫ Edit Limit Version7.x-1.0 Updatebeta1

Drupal ≫ Drupal Version-

Quade ≫ Edit Limit Version7.x-1.0 Updatebeta2

Drupal ≫ Drupal Version-

Quade ≫ Edit Limit Version7.x-1.0 Updatebeta3

Drupal ≫ Drupal Version-

Quade ≫ Edit Limit Version7.x-1.0 Updatebeta4

Drupal ≫ Drupal Version-

Quade ≫ Edit Limit Version7.x-1.1

Drupal ≫ Drupal Version-

Quade ≫ Edit Limit Version7.x-1.2

Drupal ≫ Drupal Version-

Quade ≫ Edit Limit Version7.x-1.x Updatedev

Drupal ≫ Drupal Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.59%	0.667

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://osvdb.org/93725

http://seclists.org/fulldisclosure/2013/May/208

http://secunia.com/advisories/53556

Vendor Advisory

http://www.openwall.com/lists/oss-security/2013/05/29/9

http://www.securityfocus.com/bid/60209

https://drupal.org/node/2006188

Vendor Advisory

https://drupal.org/node/2007048

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/84630

https://nvd.nist.gov/vuln/detail/CVE-2013-2122

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-2122

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-2122

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2013-2122