Launchpad.net

CVE 2010-3093

The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an "unpublishing bypass" issue.

Related bugs and status

CVE-2010-3093 (Candidate) is related to these bugs:

Bug #539056: backport security fixes from 6.19 and 5.23

		In	Importance	Status
539056	backport security fixes from 6.19 and 5.23	drupal6 (Ubuntu)	Medium	Fix Released
539056	backport security fixes from 6.19 and 5.23	drupal5 (Ubuntu)	Undecided	Invalid
539056	backport security fixes from 6.19 and 5.23	drupal5 (Ubuntu Hardy)	Medium	Fix Released
539056	backport security fixes from 6.19 and 5.23	drupal6 (Ubuntu Hardy)	Undecided	Invalid
539056	backport security fixes from 6.19 and 5.23	drupal5 (Ubuntu Jaunty)	Undecided	Won't Fix
539056	backport security fixes from 6.19 and 5.23	drupal6 (Ubuntu Jaunty)	Undecided	Won't Fix
539056	backport security fixes from 6.19 and 5.23	drupal5 (Ubuntu Karmic)	Medium	Fix Released
539056	backport security fixes from 6.19 and 5.23	drupal6 (Ubuntu Karmic)	Medium	Fix Released
539056	backport security fixes from 6.19 and 5.23	drupal5 (Ubuntu Lucid)	Undecided	Invalid
539056	backport security fixes from 6.19 and 5.23	drupal6 (Ubuntu Lucid)	Medium	Fix Released
539056	backport security fixes from 6.19 and 5.23	drupal5 (Ubuntu Maverick)	Undecided	Invalid
539056	backport security fixes from 6.19 and 5.23	drupal6 (Ubuntu Maverick)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-3093

Related bugs and status

Related bugs

References