Releases13
Frequency1 year 3 months
Last Release
Nodejs Memcache Client

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
= 5.x-1.0, = 5.x-1.1, = 5.x-1.2, = 5.x-1.3, = 5.x-1.4, = 5.x-1.5, = 5.x-1.6, = 5.x-1.7, = 5.x-1.8, = 5.x-1.9, = 5.x-1.x, = 6.x-1.0, = 6.x-1.1, = 6.x-1.2, = 6.x-1.3, = 6.x-1.4, = 6.x-1.5, = 6.x-1.x4.3 MEDIUM

Cross-site scripting (XSS) vulnerability in memcache_admin in the Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

= 5.x-1.0, = 5.x-1.1, = 5.x-1.2, = 5.x-1.3, = 5.x-1.4, = 5.x-1.5, = 5.x-1.6, = 5.x-1.7, = 5.x-1.8, = 5.x-1.9, = 5.x-1.x, = 6.x-1.0, = 6.x-1.1, = 6.x-1.2, = 6.x-1.3, = 6.x-1.4, = 6.x-1.5, = 6.x-1.x4.3 MEDIUM

The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might "lead to a role change not being recognized until the user logs in again."