Improper Clearing of Cached Access Lists in Elgg before 1.8.5
CVE-2012-6563 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.
Learn more about our Web Application Penetration Testing UK.