Description
The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.
Remediation
References
Related Vulnerabilities
WordPress Plugin Comments-wpDiscuz Arbitrary File Upload (7.0.4)
OpenSSL Improper Input Validation Vulnerability (CVE-2013-4353)
PHP Other Vulnerability (CVE-2015-0232)
Atlassian Jira CVE-2020-36235 Vulnerability (CVE-2020-36235)
WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3.3)