Description
The User module in Drupal 6.x before 6.38 and 7.x before 7.43 allows remote attackers to gain privileges by leveraging contributed or custom code that calls the user_save function with an explicit category and loads all roles into the array.
Remediation
References
Related Vulnerabilities
Twisted Web HTTP Server Direct Request ('Forced Browsing') Vulnerability (CVE-2016-1000111)
phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1627)
MySQL CVE-2018-3156 Vulnerability (CVE-2018-3156)
Oracle JRE CVE-2023-22036 Vulnerability (CVE-2023-22036)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4133)