Your submission was sent successfully! Close

CVE-2010-2473

Published: 7 November 2019

Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
drupal6
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(reached end-of-life)
maverick Not vulnerable
(6.18-1ubuntu1)
natty Not vulnerable

oneiric Not vulnerable

precise Not vulnerable

quantal Not vulnerable

raring Not vulnerable

saucy Does not exist

upstream
Released (6.18-1)