Access Restriction Bypass in Activism Module for Drupal

Access Restriction Bypass in Activism Module for Drupal

CVE-2012-4498 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not properly restrict access to the "Campaign" content type, which might allow remote attackers to bypass access restrictions and possibly have other unspecified impact.

Learn more about our Web Application Penetration Testing UK.