Drupal AutoAssign Role Module < 6.x-1.2 Authentication Bypass
Medium Nessus Network Monitor Plugin ID 5536
SynopsisThe remote host is vulnerable to a flaw which allows for the bypassing of Authentication
DescriptionThe remote host is running an older version of the Drupal AutoAssign Role module.
There is a flaw in this version of AutoAssign which would allow a valid user to access controls and data which belong to another user.
SolutionUpgrade to Drupal AutoAssign Role 6.x-1.2.