Posted by obsidiandesign on March 21, 2009 at 10:12pm
| Download | Size | md5 hash |
|---|---|---|
| cck_field_privacy-6.x-1.1.tar.gz | 12.96 KB | 7f9c85990c6ff2f5e9f3bcf614a9fb75 |
| cck_field_privacy-6.x-1.1.zip | 14.64 KB | 14c9f3d93cc25f8130afd9d917995447 |
Last updated: December 24, 2010 - 22:35
Security update for DRUPAL-SA-CONTRIB-2009-014
#409626: Anonymous users can navigate to admin/content/cck_field_privacy page by merchadmin - CCK Field Privacy was incorrectly updated for the Drupal 6.x menu system in such a way that the intended access controls for the administrative pages are by-passed for unprivileged users. This may allow users to change permissions on fields and lead to exposure of private content.