The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x prior to 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote malicious users to obtain sensitive information via the recent comments listing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
acquia commons 6.x-2.6 |
||
acquia commons 6.x-2.5 |
||
acquia commons 6.x-2.x |
||
acquia commons 6.x-2.4 |
||
acquia commons 6.x-2.7 |