Vulnerabilities > Kristof DE Jaeger > Commentreference > 6.x.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-12-31 | CVE-2009-4520 | Permissions, Privileges, and Access Controls vulnerability in Kristof DE Jaeger Commentreference The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomplete path. | 5.0 |