Description

Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu.

Remediation

References

CVE-2015-6661

Related Vulnerabilities

WordPress Plugin WordPress Automatic SQL Injection (3.92.0)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3747)

MediaWiki Improper Privilege Management Vulnerability (CVE-2021-44857)

GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3239)

PHP Use After Free Vulnerability (CVE-2021-21708)

Severity

Medium

Classification

CVE-2015-6661 CWE-200

Tags

Missing Update Known Vulnerabilities