- EPSS 0.42%
- Veröffentlicht 18.08.2015 17:59:31
- Zuletzt bearbeitet 12.04.2025 10:46:40
The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to...
- EPSS 0.25%
- Veröffentlicht 21.04.2015 18:59:01
- Zuletzt bearbeitet 12.04.2025 10:46:40
The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticated users to obtain sensitive information via unspec...
CVE-2015-3378
- EPSS 0.51%
- Veröffentlicht 21.04.2015 18:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated users to redirect users to arbitrary web sites and co...
CVE-2013-1887
- EPSS 0.28%
- Veröffentlicht 27.03.2013 23:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Multiple cross-site scripting (XSS) vulnerabilities in the Views module 7.x-3.x before 7.x-3.6 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via certain view configuration fields.