Kristof De Jaeger » Commentreference : Security Vulnerabilities, CVEs,
The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomplete path.
Max CVSS
5.0
EPSS Score
0.15%
Published
2009-12-31
Updated
2010-01-06
1 vulnerabilities found