Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2016-9450 - log back

CVE-2016-9450 created at 25 Sep 2019 19:31:40

Severity

+

Low

Remote

+

Remote

Type

+	Content spoofing

Description

+	The user password reset form does not specify a proper cache context, which can lead to cache poisoning and unwanted content on the page.

References

+	https://www.drupal.org/SA-CORE-2016-005

Notes