CVE Vulnerabilities

CVE-2012-2304

Published: Aug 14, 2012 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an entity access module, does not check permissions when searching for entities, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected Software 

Name Vendor Start Version End Version
Linkit Emil_stjerneman 7.x-2.0 (including) 7.x-2.0 (including)
Linkit Emil_stjerneman 7.x-2.0-beta1 (including) 7.x-2.0-beta1 (including)
Linkit Emil_stjerneman 7.x-2.0-beta2 (including) 7.x-2.0-beta2 (including)
Linkit Emil_stjerneman 7.x-2.1 (including) 7.x-2.1 (including)
Linkit Emil_stjerneman 7.x-2.2 (including) 7.x-2.2 (including)
Linkit Emil_stjerneman 7.x-2.3 (including) 7.x-2.3 (including)

References