ID | CVE-2009-4515 | ||||||
Sažetak | The Storm module 6.x before 6.x-1.25 for Drupal does not enforce privilege requirements for storminvoiceitem nodes, which allows remote attackers to read node titles via unspecified vectors. | ||||||
Reference | |||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:N/AC:L/Au:N/C:P/I:N/A:N | ||||||
Zadnje važnije ažuriranje | 08-01-2010 - 20:29 | ||||||
Objavljeno | 31-12-2009 - 19:30 |