Announcements
1 CVEs
product
Monthly
The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Privilege Escalation
Announcements
NVD
CVSS 2.0
3.5
EPSS
0.3%
EPSS 0%
CVSS 3.5
LOW
PATCH
Monitor
The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Privilege Escalation
Announcements
NVD