CVE-2015-5496

CVE-2015-5496

EPSS 1.4%

The pass2pdf module for Drupal does not restrict access to generated PDF files, which allows remote attackers to obtain user passwords via unspecified vectors.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.drupal.org/node/2492205 http://www.openwall.com/lists/oss-security/2015/07/04/4 http://www.securityfocus.com/bid/74755