← volver
CVE-2012-4483

CVE-2012-4483

EPSS 1.4%
The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote attackers to obtain sensitive information via the recent comments listing.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://drupalcode.org/project/commons.git/commitdiff/8ef688bhttp://drupal.org/node/1679820http://drupal.org/node/1679908http://www.openwall.com/lists/oss-security/2012/10/04/6http://www.openwall.com/lists/oss-security/2012/10/07/1