Vigil@nce - Drupal: privilege escalation via Commons Wikis/Groups
April 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can escalate his privileges in Commons Wikis/Groups of
Drupal, in order to post content into groups.
Impacted products: Drupal
Severity: 2/4
Creation date: 28/03/2013
DESCRIPTION OF THE VULNERABILITY
The Commons Wikis/Groups module allows users to publish
information.
An attacker can escalate his privileges in Commons Wikis/Groups of
Drupal, in order to post content into groups.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Drupal-privilege-escalation-via-Commons-Wikis-Groups-12586