VDB

GCVE-110-MAGEIA-2016-245

GCVE-110-MAGEIA-2016-245
Advisory Published
Vulnetix · Advisory published July 8, 2016
Updated drupal packages fix security vulnerability: A vulnerability exists in the User module, where if some specific contributed or custom code triggers a rebuild of the user profile form, a registered user can be granted all user roles on the site. This would typically result in the user gaining administrative access (SA-CORE-2016-002).

Affected Products

VendorProductVersionsPlatforms
Mageiadrupal0 (affected), 7.44-1.mga5 (unaffected)

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›