Vulnerability Description
The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Drupal | Forward Module | <= 4.7 |
References
- http://drupal.org/node/152806Patch
- http://drupal.org/node/158022Patch
- http://drupal.org/node/158025Patch
- http://osvdb.org/37896
- http://secunia.com/advisories/25999
- http://www.securityfocus.com/bid/24862
- http://www.vupen.com/english/advisories/2007/2469
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35318
- http://drupal.org/node/152806Patch
- http://drupal.org/node/158022Patch
- http://drupal.org/node/158025Patch
- http://osvdb.org/37896
- http://secunia.com/advisories/25999
- http://www.securityfocus.com/bid/24862
- http://www.vupen.com/english/advisories/2007/2469
FAQ
What is CVE-2007-3690?
CVE-2007-3690 is a vulnerability with a CVSS score of 7.8 (HIGH). The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and o...
How severe is CVE-2007-3690?
CVE-2007-3690 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3690?
Check the references section above for vendor advisories and patch information. Affected products include: Drupal Forward Module.