CVE-2013-7063
Published: 29 April 2014
The Invitation module 7.x-2.x for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified default views.
Notes
| Author | Note |
|---|---|
| leosilva | "Drupal core is not affected. If you do not use the contributed Invitation module, there is nothing you need to do." "Solution: If you use the Invitation module for Drupal 7.x, you should disable the module. There is no release with a fix." |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
drupal6 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| lucid |
Ignored
(end of life)
|
|
| precise |
Ignored
(end of life)
|
|
| quantal |
Ignored
(end of life)
|
|
| raring |
Ignored
(end of life)
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| utopic |
Does not exist
|
|
| vivid |
Does not exist
|
|
| wily |
Does not exist
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|
|
|
drupal7 Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(code not present)
|
| lucid |
Does not exist
|
|
| precise |
Ignored
(end of life)
|
|
| quantal |
Ignored
(end of life)
|
|
| raring |
Ignored
(end of life)
|
|
| saucy |
Ignored
(end of life)
|
|
| trusty |
Not vulnerable
(code not present)
|
|
| upstream |
Needs triage
|
|
| utopic |
Ignored
(end of life)
|
|
| vivid |
Ignored
(end of life)
|
|
| wily |
Ignored
(end of life)
|
|
| xenial |
Not vulnerable
(code not present)
|
|
| yakkety |
Ignored
(end of life)
|
|
| zesty |
Not vulnerable
(code not present)
|