CVE-2016-9449

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-9449
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9449.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-9449
Aliases
Downstream
Related
Published
2016-11-25T18:59:00.387Z
Modified
2026-03-03T00:56:26.793222Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags.

References

Affected packages

Git / github.com/drupal/drupal

Affected ranges

Type
GIT
Repo
https://github.com/drupal/drupal
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ca30166e37ed78e1f9920dc42a82396d98d2a3f4

Affected versions

1.*
1.0
10.*
10.0.0
10.0.0-alpha1
10.0.0-alpha3
10.0.0-alpha4
10.0.0-alpha5
10.0.0-alpha6
10.0.0-alpha7
10.0.0-beta1
10.0.0-beta2
10.0.0-rc1
10.0.0-rc2
10.0.0-rc3
10.0.1
10.0.10
10.0.11
10.0.2
10.0.4
10.0.5
10.0.6
10.0.7
10.0.8
10.0.9
10.1.0
10.1.0-alpha1
10.1.0-beta1
10.1.0-rc1
10.1.1
10.1.2
10.1.3
10.1.4
10.1.5
10.1.6
10.1.7
10.1.8
10.2.0
10.2.0-alpha1
10.2.0-beta1
10.2.0-rc1
10.2.1
10.2.10
10.2.11
10.2.12
10.2.2
10.2.3
10.2.4
10.2.5
10.2.6
10.2.7
10.2.8
10.2.9
10.3.0-beta1
10.3.0-rc1
10.3.1
10.3.10
10.3.11
10.3.12
10.3.13
10.3.2
10.3.3
10.3.4
10.3.5
10.3.6
10.3.7
10.3.8
10.3.9
10.4.0
10.4.0-beta1
10.4.0-rc1
10.4.1
10.4.2
10.4.3
10.4.4
10.4.6
10.4.7
10.4.8
10.4.9
10.5.0
10.5.0-beta1
10.5.0-rc1
10.5.1
10.5.2
10.5.3
10.5.4
10.5.5
10.5.6
10.5.7
10.5.8
10.6.0
10.6.0-beta1
10.6.0-rc1
10.6.1
10.6.2
10.6.3
11.*
11.0.0
11.0.0-alpha1
11.0.0-beta1
11.0.1
11.0.10
11.0.11
11.0.12
11.0.2
11.0.3
11.0.4
11.0.5
11.0.6
11.0.7
11.0.8
11.0.9
11.1.0
11.1.0-beta1
11.1.0-rc1
11.1.1
11.1.2
11.1.3
11.1.4
11.1.6
11.1.7
11.1.8
11.1.9
11.2.0
11.2.0-alpha1
11.2.0-beta1
11.2.0-rc1
11.2.0-rc2
11.2.1
11.2.10
11.2.2
11.2.3
11.2.4
11.2.5
11.2.6
11.2.7
11.2.8
11.2.9
11.3.0
11.3.0-alpha1
11.3.0-beta1
11.3.0-rc1
11.3.0-rc2
11.3.1
11.3.2
11.3.3
2.*
2.0
3.*
3.0.1
5.*
5.0-beta-1
5.0-beta-2
5.0-rc-1
5.0-rc-2
6.*
6.0-beta-1
6.0-beta-2
6.0-beta-3
6.0-beta-4
6.0-rc-1
6.0-rc-2
6.0-rc-3
7.*
7.0
7.0-alpha1
7.0-alpha2
7.0-alpha3
7.0-alpha4
7.0-alpha5
7.0-alpha6
7.0-alpha7
7.0-beta1
7.0-beta2
7.0-beta3
7.0-rc-1
7.0-rc-2
7.0-rc-3
7.0-rc-4
7.0-unstable-1
7.0-unstable-10
7.0-unstable-2
7.0-unstable-3
7.0-unstable-4
7.0-unstable-5
7.0-unstable-6
7.0-unstable-7
8.*
8.0-alpha10
8.0-alpha11
8.0-alpha12
8.0-alpha13
8.0-alpha2
8.0-alpha3
8.0-alpha4
8.0-alpha5
8.0-alpha6
8.0-alpha7
8.0-alpha8
8.0-alpha9
8.0.0
8.0.0-alpha14
8.0.0-alpha15
8.0.0-beta1
8.0.0-beta10
8.0.0-beta11
8.0.0-beta12
8.0.0-beta13
8.0.0-beta14
8.0.0-beta15
8.0.0-beta16
8.0.0-beta2
8.0.0-beta3
8.0.0-beta4
8.0.0-beta5
8.0.0-beta6
8.0.0-beta7
8.0.0-beta9
8.0.0-rc1
8.0.0-rc2
8.0.0-rc3
8.0.0-rc4
8.0.1
8.0.2
8.0.3
8.0.4
8.0.5
8.0.6
8.1.0
8.1.0-beta1
8.1.0-beta2
8.1.0-rc1
8.1.1
8.1.10
8.1.2
8.1.3
8.1.4
8.1.5
8.1.6
8.1.7
8.1.8
8.1.9
8.2.0
8.2.0-beta1
8.2.0-beta2
8.2.0-beta3
8.2.0-rc1
8.2.0-rc2
8.2.1
8.2.2
8.2.3
8.2.4
8.2.5
8.2.6
8.2.7
8.2.8
8.3.0
8.3.0-alpha1
8.3.0-beta1
8.3.0-rc1
8.3.0-rc2
8.3.1
8.3.2
8.3.3
8.3.4
8.3.5
8.3.6
8.3.7
8.3.8
8.3.9
8.4.0
8.4.0-alpha1
8.4.0-beta1
8.4.0-rc1
8.4.0-rc2
8.4.1
8.4.2
8.4.3
8.4.4
8.4.5
8.4.6
8.4.7
8.4.8
8.5.0
8.5.0-alpha1
8.5.0-beta1
8.5.0-rc1
8.5.1
8.5.10
8.5.11
8.5.12
8.5.13
8.5.14
8.5.15
8.5.2
8.5.3
8.5.4
8.5.5
8.5.6
8.5.7
8.5.8
8.5.9
8.6.0
8.6.0-alpha1
8.6.0-beta2
8.6.0-rc1
8.6.1
8.6.10
8.6.11
8.6.12
8.6.13
8.6.14
8.6.15
8.6.16
8.6.17
8.6.18
8.6.2
8.6.3
8.6.4
8.6.5
8.6.6
8.6.7
8.6.8
8.6.9
8.7.0
8.7.0-alpha1
8.7.0-alpha2
8.7.0-beta1
8.7.0-beta2
8.7.0-rc1
8.7.1
8.7.10
8.7.11
8.7.12
8.7.13
8.7.14
8.7.2
8.7.3
8.7.4
8.7.5
8.7.6
8.7.7
8.7.8
8.7.9
8.8.0
8.8.0-alpha1
8.8.0-beta1
8.8.0-rc1
8.8.1
8.8.10
8.8.11
8.8.2
8.8.3
8.8.4
8.8.5
8.8.6
8.8.7
8.8.8
8.8.9
8.9.0
8.9.0-beta1
8.9.0-beta2
8.9.0-beta3
8.9.0-rc1
8.9.1
8.9.10
8.9.11
8.9.12
8.9.13
8.9.14
8.9.15
8.9.16
8.9.17
8.9.18
8.9.19
8.9.2
8.9.20
8.9.3
8.9.4
8.9.5
8.9.6
8.9.8
8.9.9
9.*
9.0.0
9.0.0-alpha1
9.0.0-alpha2
9.0.0-beta1
9.0.0-beta2
9.0.0-beta3
9.0.0-rc1
9.0.1
9.0.10
9.0.11
9.0.12
9.0.13
9.0.14
9.0.2
9.0.3
9.0.5
9.0.6
9.0.7
9.0.8
9.0.9
9.1.0
9.1.0-alpha1
9.1.0-beta1
9.1.0-rc1
9.1.0-rc2
9.1.0-rc3
9.1.1
9.1.10
9.1.11
9.1.12
9.1.13
9.1.14
9.1.15
9.1.2
9.1.3
9.1.4
9.1.5
9.1.6
9.1.7
9.1.8
9.1.9
9.2.0
9.2.0-alpha1
9.2.0-beta1
9.2.0-beta2
9.2.0-beta3
9.2.0-rc1
9.2.1
9.2.10
9.2.11
9.2.12
9.2.13
9.2.14
9.2.15
9.2.16
9.2.17
9.2.18
9.2.19
9.2.2
9.2.20
9.2.21
9.2.3
9.2.4
9.2.5
9.2.6
9.2.7
9.2.8
9.2.9
9.3.0
9.3.0-alpha1
9.3.0-beta1
9.3.0-beta2
9.3.0-beta3
9.3.0-rc1
9.3.10
9.3.11
9.3.12
9.3.13
9.3.14
9.3.15
9.3.16
9.3.17
9.3.18
9.3.19
9.3.2
9.3.20
9.3.21
9.3.22
9.3.3
9.3.4
9.3.5
9.3.6
9.3.7
9.3.8
9.3.9
9.4.0
9.4.0-alpha1
9.4.0-beta1
9.4.0-rc1
9.4.0-rc2
9.4.1
9.4.10
9.4.11
9.4.12
9.4.13
9.4.14
9.4.15
9.4.2
9.4.3
9.4.4
9.4.5
9.4.6
9.4.7
9.4.8
9.4.9
9.5.0
9.5.0-beta1
9.5.0-beta2
9.5.0-rc1
9.5.0-rc2
9.5.1
9.5.10
9.5.11
9.5.2
9.5.3
9.5.4
9.5.5
9.5.6
9.5.7
9.5.8
9.5.9
Other
start

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9449.json"