CVE-2010-2473

Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-11-07 19:15

Updated : 2024-02-28 17:28


NVD link : CVE-2010-2473

Mitre link : CVE-2010-2473

CVE.ORG link : CVE-2010-2473


JSON object : View

Products Affected

drupal

  • drupal
CWE
CWE-20

Improper Input Validation