Earl Dunovant: >> Week >> 6.x-1.x-dev Security Vulnerabilities
The week_post_page function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal does not properly implement node access restrictions when constructing SQL queries, which allows remote attackers to read restricted node listings via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.006
Published
2010-02-27