Unauthenticated Access to Unpublished Content in Drupal Revisioning Module
CVE-2013-4597 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
The Revisioning module 7.x-1.x before 7.x-1.6 for Drupal does not properly check node access permissions for content marked unpublished by the Scheduled module, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
Learn more about our User Device Pen Test.