First published: Wed Oct 31 2012(Updated: )
The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote attackers to obtain sensitive information via the recent comments listing.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Acquia Commons | =6.x-2.4 | |
Acquia Commons | =6.x-2.5 | |
Acquia Commons | =6.x-2.6 | |
Acquia Commons | =6.x-2.7 | |
Acquia Commons | =6.x-2.x-dev | |
Drupal Drupal |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.