Back to search
CVE-2009-4526
Published: Dec 31, 2009
Modified: Sep 16, 2024
PUBLISHED
Description
The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote attackers to read page titles by requesting a "Send to friend" form.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2009-2922
vdb-entry
x_refsource_VUPEN
http://drupal.org/node/604806
x_refsource_CONFIRM
58951
vdb-entry
x_refsource_OSVDB
37059
third-party-advisory
x_refsource_SECUNIA
http://drupal.org/node/604808
x_refsource_CONFIRM
http://drupal.org/node/604804
x_refsource_CONFIRM
36707
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now