Access Restriction Bypass in Activism Module for Drupal
CVE-2012-4498 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not properly restrict access to the "Campaign" content type, which might allow remote attackers to bypass access restrictions and possibly have other unspecified impact.
Learn more about our Web Application Penetration Testing UK.