CVE-2016-3168
- Source
- https://cve.org/CVERecord?id=CVE-2016-3168
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3168.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-3168
- Aliases
- Downstream
- Published
- 2016-04-12T15:59:05.963Z
- Modified
- 2026-03-13T22:25:44.353340Z
- Severity
-
- 6.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrary JSON-encoded content, aka a "reflected file download vulnerability."
- References
Affected packages
Git / github.com/drupal/drupal
Affected ranges
- Type
- GIT
- Repo
- https://github.com/drupal/drupal
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "6.0" }, { "introduced": "0" }, { "last_affected": "6.0-dev" }, { "introduced": "0" }, { "last_affected": "6.1" }, { "introduced": "0" }, { "last_affected": "6.2" }, { "introduced": "0" }, { "last_affected": "6.3" }, { "introduced": "0" }, { "last_affected": "6.4" }, { "introduced": "0" }, { "last_affected": "6.5" }, { "introduced": "0" }, { "last_affected": "6.6" }, { "introduced": "0" }, { "last_affected": "6.7" }, { "introduced": "0" }, { "last_affected": "6.8" }, { "introduced": "0" }, { "last_affected": "6.9" }, { "introduced": "0" }, { "last_affected": "6.10" }, { "introduced": "0" }, { "last_affected": "6.11" }, { "introduced": "0" }, { "last_affected": "6.12" }, { "introduced": "0" }, { "last_affected": "6.13" }, { "introduced": "0" }, { "last_affected": "6.14" }, { "introduced": "0" }, { "last_affected": "6.15" }, { "introduced": "0" }, { "last_affected": "6.16" }, { "introduced": "0" }, { "last_affected": "6.17" }, { "introduced": "0" }, { "last_affected": "6.18" }, { "introduced": "0" }, { "last_affected": "6.19" }, { "introduced": "0" }, { "last_affected": "6.20" }, { "introduced": "0" }, { "last_affected": "6.21" }, { "introduced": "0" }, { "last_affected": "6.22" }, { "introduced": "0" }, { "last_affected": "6.23" }, { "introduced": "0" }, { "last_affected": "6.24" }, { "introduced": "0" }, { "last_affected": "6.25" }, { "introduced": "0" }, { "last_affected": "6.26" }, { "introduced": "0" }, { "last_affected": "6.27" }, { "introduced": "0" }, { "last_affected": "6.28" }, { "introduced": "0" }, { "last_affected": "6.29" }, { "introduced": "0" }, { "last_affected": "6.30" }, { "introduced": "0" }, { "last_affected": "6.31" }, { "introduced": "0" }, { "last_affected": "6.32" }, { "introduced": "0" }, { "last_affected": "6.33" }, { "introduced": "0" }, { "last_affected": "6.34" }, { "introduced": "0" }, { "last_affected": "6.35" }, { "introduced": "0" }, { "last_affected": "6.36" }, { "introduced": "0" }, { "last_affected": "6.37" }, { "introduced": "0" }, { "last_affected": "7.0" }, { "introduced": "0" }, { "last_affected": "7.0-alpha1" }, { "introduced": "0" }, { "last_affected": "7.0-alpha2" }, { "introduced": "0" }, { "last_affected": "7.0-alpha3" }, { "introduced": "0" }, { "last_affected": "7.0-alpha4" }, { "introduced": "0" }, { "last_affected": "7.0-alpha5" }, { "introduced": "0" }, { "last_affected": "7.0-alpha6" }, { "introduced": "0" }, { "last_affected": "7.0-alpha7" }, { "introduced": "0" }, { "last_affected": "7.0-beta1" }, { "introduced": "0" }, { "last_affected": "7.0-beta2" }, { "introduced": "0" }, { "last_affected": "7.0-beta3" }, { "introduced": "0" }, { "last_affected": "7.0-dev" }, { "introduced": "0" }, { "last_affected": "7.1" }, { "introduced": "0" }, { "last_affected": "7.2" }, { "introduced": "0" }, { "last_affected": "7.3" }, { "introduced": "0" }, { "last_affected": "7.4" }, { "introduced": "0" }, { "last_affected": "7.5" }, { "introduced": "0" }, { "last_affected": "7.6" }, { "introduced": "0" }, { "last_affected": "7.7" }, { "introduced": "0" }, { "last_affected": "7.8" }, { "introduced": "0" }, { "last_affected": "7.9" }, { "introduced": "0" }, { "last_affected": "7.10" }, { "introduced": "0" }, { "last_affected": "7.11" }, { "introduced": "0" }, { "last_affected": "7.12" }, { "introduced": "0" }, { "last_affected": "7.13" }, { "introduced": "0" }, { "last_affected": "7.14" }, { "introduced": "0" }, { "last_affected": "7.15" }, { "introduced": "0" }, { "last_affected": "7.16" }, { "introduced": "0" }, { "last_affected": "7.17" }, { "introduced": "0" }, { "last_affected": "7.18" }, { "introduced": "0" }, { "last_affected": "7.19" }, { "introduced": "0" }, { "last_affected": "7.20" }, { "introduced": "0" }, { "last_affected": "7.21" }, { "introduced": "0" }, { "last_affected": "7.22" }, { "introduced": "0" }, { "last_affected": "7.23" }, { "introduced": "0" }, { "last_affected": "7.24" }, { "introduced": "0" }, { "last_affected": "7.25" }, { "introduced": "0" }, { "last_affected": "7.26" }, { "introduced": "0" }, { "last_affected": "7.27" }, { "introduced": "0" }, { "last_affected": "7.28" }, { "introduced": "0" }, { "last_affected": "7.29" }, { "introduced": "0" }, { "last_affected": "7.30" }, { "introduced": "0" }, { "last_affected": "7.31" }, { "introduced": "0" }, { "last_affected": "7.32" }, { "introduced": "0" }, { "last_affected": "7.33" }, { "introduced": "0" }, { "last_affected": "7.34" }, { "introduced": "0" }, { "last_affected": "7.35" }, { "introduced": "0" }, { "last_affected": "7.36" }, { "introduced": "0" }, { "last_affected": "7.37" }, { "introduced": "0" }, { "last_affected": "7.38" }, { "introduced": "0" }, { "last_affected": "7.40" }, { "introduced": "0" }, { "last_affected": "7.41" }, { "introduced": "0" }, { "last_affected": "7.42" }, { "introduced": "0" }, { "last_affected": "7.x-dev" }, { "introduced": "0" }, { "last_affected": "7.0" }, { "introduced": "0" }, { "last_affected": "8.0" } ] }
Affected versions
1.*
1.0
2.*
2.0
3.*
3.0.1
5.*
5.0-beta-1
5.0-beta-2
5.0-rc-1
5.0-rc-2
6.*
6.0
6.0-beta-1
6.0-beta-2
6.0-beta-3
6.0-beta-4
6.0-rc-1
6.0-rc-2
6.0-rc-3
6.0-rc-4
7.*
7.0
7.0-alpha1
7.0-alpha2
7.0-alpha3
7.0-alpha4
7.0-alpha5
7.0-alpha6
7.0-alpha7
7.0-beta1
7.0-beta2
7.0-beta3
7.0-rc-1
7.0-rc-2
7.0-rc-3
7.0-rc-4
7.0-unstable-1
7.0-unstable-10
7.0-unstable-2
7.0-unstable-3
7.0-unstable-4
7.0-unstable-5
7.0-unstable-6
7.0-unstable-7
Other
start
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-beta1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-beta2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-beta3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-beta4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.0-rc4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0-rc4"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3168.json"