CVE-2013-2247
https://notcve.org/view.php?id=CVE-2013-2247
The Fast Permissions Administration module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to the modal content callback, which allows remote attackers to obtain unspecified access to the permissions edit form. El módulo Fast Permissions Administration v6.x-2.x anterior a v6.x-2.5 y v7.x-2.x anterior a v7.x-2.3 para Drupal no restringe adecuadamente el acceso a la función de llamada de modelo de contenidos lo que permite a atacantes remotos obtener acceso no especificado en el formulario de edición permisos. • http://www.openwall.com/lists/oss-security/2013/07/06/3 https://drupal.org/node/2028417 https://drupal.org/node/2028421 https://drupal.org/node/2028813 • CWE-264: Permissions, Privileges, and Access Controls •