Unrated severityNVD Advisory· Published Aug 28, 2012· Updated Jun 16, 2026
CVE-2012-1635
CVE-2012-1635
Description
The hook_node_access function in the revisioning module 7.x-1.x before 7.x-1.3 for Drupal checks the permissions of the current user even when it is called to check permissions of other users, which allows remote attackers to bypass intended access restrictions, as demonstrated when using the XML sitemap module to obtain sensitive information about unpublished content.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
22cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:alpha5:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta10:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta11:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta6:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta7:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta8:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.0:beta9:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.x:*:*:*:*:*:*:*
- cpe:2.3:a:rik_de_boer:revisioning:7.x-1.x:dev:*:*:*:*:*:*
- Range: <7.x-1.3
Patches
Vulnerability mechanics
References
3- drupal.org/node/1407456nvdPatch
- drupal.org/node/1409268nvdPatchVendor Advisory
- www.openwall.com/lists/oss-security/2012/04/07/1nvd
News mentions
0No linked articles in our index yet.