CVE-2010-2473

Published: 07 November 2019

Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked.

Priority

CVSS 3 base score: 6.5

Status

Package	Release	Status
drupal6 Launchpad, Ubuntu, Debian	Upstream	Released (6.18-1)






	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2473
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592716

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›