Vigil@nce - Drupal Embedded Media Field: URL based access control bypass
April 2016 by Vigil@nce
This bulletin was written by Vigil@nce: https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use a crafted URL against Drupal Embedded Media Field
in order to access unauthorized pages.
Impacted products: Drupal Modules (not comprehensive), Fedora.
Severity: 2/4.
Creation date: 11/02/2016.
DESCRIPTION OF THE VULNERABILITY
The Embedded Media Field module can be installed on Drupal.
Access control rules can be defined based on the requested URL.
However, URL decoding is not performed correctly, and some specially
crafted URLs allow access to unauthorized pages.
An attacker can therefore use a crafted URL against Drupal Embedded
Media Field in order to access unauthorized pages.
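The bulletin does not publish the module's code or the exact decoding flaw, so the following added example (not Vigil@nce's or the module's code) illustrates the general class in Python: a URL-based access rule matched on the raw request path, beside one matched on a single decoded and normalized form. The rule prefix, function names and sample paths are constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

# Hypothetical rule set: path prefixes that require authorization.
PROTECTED_PREFIXES = ("/private/media",)


def naive_is_protected(raw_path: str) -> bool:
    """Weak form: the rule is matched against the undecoded request path."""
    return any(raw_path.startswith(p) for p in PROTECTED_PREFIXES)


def canonical_path(raw_path: str) -> str:
    """Return the single decoded, normalized form that rules are matched on.

    Raises ValueError for invalid UTF-8, nested percent-encoding, or
    backslash/control characters in the decoded path.
    """
    decoded = unquote(raw_path, errors="strict")  # bad UTF-8 -> ValueError
    if unquote(decoded, errors="strict") != decoded:
        raise ValueError("nested percent-encoding")
    if "\\" in decoded or any(ord(c) < 0x20 or ord(c) == 0x7F for c in decoded):
        raise ValueError("backslash or control character in path")
    # Collapse "//", "." and ".." so equivalent spellings compare equal.
    return posixpath.normpath("/" + decoded.lstrip("/"))


def is_protected(raw_path: str) -> bool:
    """Hardened form: fail closed on undecodable input, then match."""
    try:
        path = canonical_path(raw_path)
    except ValueError:
        return True
    # Match whole path segments, not arbitrary string prefixes.
    return any(path == p or path.startswith(p + "/") for p in PROTECTED_PREFIXES)


# Constructed sample request paths, not taken from the bulletin.
SAMPLES = [
    "/private/media/42",
    "/private%2Fmedia/42",
    "/public/../private/media/42",
    "/private%252Fmedia/42",
    "/public/media/42",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:40} naive={naive_is_protected(s)} hardened={is_protected(s)}")
```

The same canonical form must be the one the application uses to route the request; if routing decodes differently from the access check, the mismatch remains.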
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Drupal-Embedded-Media-Field-URL-based-access-control-bypass-18925