Improper Access Restrictions in Drupal Commons Module
CVE-2012-4483 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote attackers to obtain sensitive information via the recent comments listing.
Learn more about our Web Application Penetration Testing UK.