The Taxonomy module provides various listing pages which display content tagged with a particular taxonomy term. Custom or contributed modules may also provide similar lists. Under certain circumstances, unpublished content could appear on these pages and would be visible to users who should not have permission to see it.
Part of security release SA-CORE-2014-001
This vulnerability affects the following application versions:
- Drupal 7.15
- Drupal 7.16
- Drupal 7.17
- Drupal 7.18
- Drupal 7.19
- Drupal 7.20
- Drupal 7.21
- Drupal 7.22
- Drupal 7.23
- Drupal 7.24
- Drupal 7.25