Information Disclosure Vulnerability in UC Profile Module for Drupal

Information Disclosure Vulnerability in UC Profile Module for Drupal

CVE-2015-8232 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors.

Learn more about our User Device Pen Test.