cvedb.io
CVE-2016-9449
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2016-11-25T18:59:00.387 · Last modified 2026-06-17T00:56:05.517

Summary

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags.

Affected products

drupal — drupal

Does this affect you?

Add your gear to cvedb and we'll alert you only when drupal ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.