Miembros de
Boletines de Vulnerabilidades |
Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-002 |
|
Información sobre el sistema |
|
| Software afectado | Drupal |
Descripción |
|
|
Project: Drupal coreDate: 2023-March-15Security risk: Moderately critical 14∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Information DisclosureAffected versions: >=8.0.0 =9.5.0 =10.0.0 Description: The Media module does not properly check entity access in some circumstances. This may result in users seeing thumbnails of media items they do not have access to, including for private files.This release was coordinated with SA-CONTRIB-2023-010.This advisory is More info: https://www.drupal.org/sa-core-2023-002 |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2023-03-16 |