Max CVSS | 6.8 | Min CVSS | 4.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-4446 | 6.8 |
The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote attackers to
|
09-12-2013 - 17:38 | 07-12-2013 - 20:55 | |
CVE-2013-4445 | 4.9 |
The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access toke
|
09-12-2013 - 17:36 | 07-12-2013 - 20:55 |