CVE-2016-7570

CVE-2016-7570

Drupal 8.x before 8.1.10 does not properly check for "Administer comments" permission, which allows remote authenticated users to set the visibility of comments for arbitrary nodes by leveraging rights to edit those nodes.

Source: CVE-2016-7570

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다