Description
The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4382)
WordPress Plugin WP to Twitter Cross-Site Scripting (3.0.5)
TCExam Missing Authorization Vulnerability (CVE-2023-6554)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Cross-Site Scripting (5.0.6)