Description

Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu.

Remediation

References

CVE-2015-6661

Related Vulnerabilities

WordPress Plugin DFD Reddcoin Tips Cross-Site Scripting (1.1.1)

WordPress Plugin EZ Portfolio Multiple Cross-Site Scripting Vulnerabilities (1.0.1)

PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5335)

Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)

PostgreSQL Resource Management Errors Vulnerability (CVE-2007-4772)

Severity

Medium

Classification

CVE-2015-6661 CWE-200

Tags

Missing Update Known Vulnerabilities