VYPR
Unrated severityNVD Advisory· Published Mar 9, 2007· Updated Jun 16, 2026

CVE-2007-1368

CVE-2007-1368

Description

The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4.7.x-2.3, and 5 before 5.x-0.2-beta for Drupal allows remote authenticated users, with "access project issues" permission, to read the contents of a private node via a URL with a modified node identifier.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:drupal:drupal_project_issue_tracking:4.7_1.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:drupal:drupal_project_issue_tracking:4.7_1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:drupal_project_issue_tracking:4.7_1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:drupal_project_issue_tracking:4.7_2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:drupal_project_issue_tracking:4.7_2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:drupal_project_issue_tracking:4.7_2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:drupal_project_issue_tracking:5.0_0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:drupal_project_issue_tracking:5.7_1.1:*:*:*:*:*:*:*
  • Drupal/Projectllm-fuzzy
    Range: <4.7.x-1.3, <4.7.x-2.3, <5.x-0.2-beta

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.