Md-Systems: >> Simplenews >> 6.x-2.x Security Vulnerabilities
The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page.
CVSS Score
5.3
EPSS Score
0.014
Published
2020-01-09