Unrated severityNVD Advisory· Published Aug 18, 2015· Updated May 6, 2026
CVE-2015-5490
CVE-2015-5490
Description
The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to hidden content via unspecified vectors.
Affected products
5cpe:2.3:a:views_project:views:7.x-3.10:*:*:*:*:drupal:*:*+ 4 more
- cpe:2.3:a:views_project:views:7.x-3.10:*:*:*:*:drupal:*:*
- cpe:2.3:a:views_project:views:7.x-3.5:*:*:*:*:drupal:*:*
- cpe:2.3:a:views_project:views:7.x-3.6:*:*:*:*:drupal:*:*
- cpe:2.3:a:views_project:views:7.x-3.7:*:*:*:*:drupal:*:*
- cpe:2.3:a:views_project:views:7.x-3.8:*:*:*:*:drupal:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.drupal.org/node/2480259nvdPatch
- www.drupal.org/node/2480327nvdPatchVendor Advisory
- www.drupal.org/node/2475669nvdExploit
- cgit.drupalcode.org/views/commit/nvd
- www.openwall.com/lists/oss-security/2015/07/04/4nvd
- www.securityfocus.com/bid/74462nvd
News mentions
0No linked articles in our index yet.