VYPR
Unrated severityNVD Advisory· Published Nov 13, 2019· Updated Aug 7, 2024

CVE-2011-4972

CVE-2011-4972

Description

hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.