CVE Vulnerabilities

CVE-2008-4153

Published: Sep 24, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Talk module 5.x before 5.x-1.3 and 6.x before 6.x-1.5, a module for Drupal, does not perform access checks for a node before displaying comments, which allows remote attackers to obtain sensitive information.

Affected Software

Name Vendor Start Version End Version
Talk Drupal 5.x-1.0 5.x-1.0
Talk Drupal 5.x-1.1 5.x-1.1
Talk Drupal * 5.x-1.2
Talk Drupal 6.x-1.0 6.x-1.0
Talk Drupal 6.x-1.1 6.x-1.1
Talk Drupal 6.x-1.2 6.x-1.2
Talk Drupal * 6.x-1.4

References