4
CVE-2009-3921
- EPSS 1.15%
- Veröffentlicht 09.11.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:12:38
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe Smartqueue_og module 5.x before 5.x-1.3 and 6.x before 6.x-1.0-rc3, a module for Drupal, does not verify group-node privileges in certain circumstances involving subqueue creation, which allows remote authenticated users to discover arbitrary organic group names by reading confirmation messages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ezra Barnett Gildesgame ≫ Smartqueue Og Version5.x-1.0
Ezra Barnett Gildesgame ≫ Smartqueue Og Version5.x-1.1
Ezra Barnett Gildesgame ≫ Smartqueue Og Version5.x-1.2
Ezra Barnett Gildesgame ≫ Smartqueue Og Version5.x-1.x-dev
Ezra Barnett Gildesgame ≫ Smartqueue Og Version6.x-1.0 Updaterc1
Ezra Barnett Gildesgame ≫ Smartqueue Og Version6.x-1.0 Updaterc2
Ezra Barnett Gildesgame ≫ Smartqueue Og Version6.x-1.x-dev
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.15% | 0.628 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
http://drupal.org/node/617496
http://drupal.org/node/617500
http://drupal.org/node/623554
http://osvdb.org/59675
http://secunia.com/advisories/37288
http://www.securityfocus.com/bid/36925