- EPSS 2.61%
- Veröffentlicht 18.08.2015 17:59:31
- Zuletzt bearbeitet 06.05.2026 22:30:45
The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to...
- EPSS 1.12%
- Veröffentlicht 21.04.2015 18:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticated users to obtain sensitive information via unspec...
CVE-2015-3378
- EPSS 1.58%
- Veröffentlicht 21.04.2015 18:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated users to redirect users to arbitrary web sites and co...
CVE-2013-1887
- EPSS 2.05%
- Veröffentlicht 27.03.2013 23:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple cross-site scripting (XSS) vulnerabilities in the Views module 7.x-3.x before 7.x-3.6 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via certain view configuration fields.