Kristof De Jaeger: >> Commentreference Security Vulnerabilities
The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomplete path.
CVSS Score
5.0
EPSS Score
0.002
Published
2009-12-31