Medium severity5.3NVD Advisory· Published Sep 9, 2016· Updated May 6, 2026

CVE-2016-6212

Description

The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
drupal/corePackagist	>= 8.0, < 8.1.3	8.1.3
drupal/drupalPackagist	>= 8.0, < 8.1.3	8.1.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2016/07/13/4nvdMailing ListThird Party AdvisoryWEB
www.openwall.com/lists/oss-security/2016/07/13/7nvdMailing ListThird Party AdvisoryWEB
github.com/advisories/GHSA-rfxx-gxwc-923cghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2016-6212ghsaADVISORY
www.drupal.org/SA-CORE-2016-002nvdVendor AdvisoryWEB
www.drupal.org/node/2749333nvdVendor AdvisoryWEB
www.securityfocus.com/bid/91230nvdWEB
github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-6212.yamlghsaWEB
github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-6212.yamlghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000