The Fasttoggle module 7.x-1.3 and 7.x-1.4 for Drupal allows remote attackers to block or unblock an account via a crafted user status link.
References
Link | Resource |
---|---|
https://www.drupal.org/node/2316065 | Patch Vendor Advisory |
https://www.drupal.org/node/2316747 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2014-12-01 16:59
Updated : 2024-02-28 12:20
NVD link : CVE-2014-5268
Mitre link : CVE-2014-5268
CVE.ORG link : CVE-2014-5268
JSON object : View
Products Affected
fasttoggle_project
- fasttoggle
CWE
CWE-264
Permissions, Privileges, and Access Controls