Security Advisory

CVE-2011-1661

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2011-04-10 01:00:00

Last updated 2024-08-06 22:37:25

Assigner mitre

State PUBLISHED

Description

The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_sql when presenting node titles, which allows remote attackers to bypass intended access restrictions and read potentially sensitive node titles via the autocomplete feature.

← Browse all CVEs View on cve.org ↗