QwikSec

Security Database

CVE

CWE

Training

CVE-2012-4483

Published: Oct 31, 2012

Modified: Sep 17, 2024

PUBLISHED

Description

The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote attackers to obtain sensitive information via the recent comments listing.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20121004 CVE Request for Drupal Contributed Modules

mailing-list

x_refsource_MLIST

http://drupalcode.org/project/commons.git/commitdiff/8ef688b

x_refsource_CONFIRM

http://drupal.org/node/1679820

x_refsource_MISC

http://drupal.org/node/1679908

x_refsource_CONFIRM

[oss-security] 20121007 Re: CVE Request for Drupal Contributed Modules

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.