MidnightBSD

Advisories for me_aliases_project

CVE-2015-5512 MEDIUM

The me aliases module 6.x-2.x before 6.x-2.10 and 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to access Views using the "me" user argument handler by substituting "me" for a user id in a URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
me_aliases_project me_aliases 7.x-1.0
me_aliases_project me_aliases 7.x-1.1
me_aliases_project me_aliases 6.x-2.3
me_aliases_project me_aliases 6.x-2.2
me_aliases_project me_aliases 6.x-2.7
me_aliases_project me_aliases 6.x-2.9
me_aliases_project me_aliases 6.x-2.4
me_aliases_project me_aliases 6.x-2.8
me_aliases_project me_aliases 6.x-2.5
me_aliases_project me_aliases 6.x-2.1
me_aliases_project me_aliases 6.x-2.6
me_aliases_project me_aliases 6.x-2.0