CVE Vulnerabilities

CVE-2012-4470

Published: Nov 30, 2012 | Modified: Jan 30, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have other unspecified impact.

Affected Software

Name Vendor Start Version End Version
Listhandler Philip_ludlam 6.x-1.0 6.x-1.0

References