Your submission was sent successfully! Close

CVE-2010-2473

Published: 07 November 2019

Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
drupal6
Launchpad, Ubuntu, Debian
Upstream
Released (6.18-1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist