SecBoard
Zurück zur CVE-Übersicht

CVE-2014-9022

MEDIUM(6.4)

AV:N/AC:L/Au:N/C:N/I:P/A:P

Risk Signal Score16/100 — NIEDRIG
  • CVSS 6.4 — Mittel

EPSS-Score

2%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

6.4

Technische Schwere

Beschreibung

The Webform Component Roles module 6.x-1.x before 6.x-1.8 and 7.x-1.x before 7.x-1.8 for Drupal allows remote attackers to bypass the "disabled" restriction and modify read-only components via a crafted form.

Referenzen