CVE-2009-3921

CVE-2009-3921 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Smartqueue_og module 5.x before 5.x-1.3 and 6.x before 6.x-1.0-rc3, a module for Drupal, does not verify group-node privileges in certain circumstances involving subqueue creation, which allows remote authenticated users to discover arbitrary organic group names by reading confirmation messages.

Learn more about our User Device Pen Test.