1 results (0.009 seconds)
CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 0
CVE-2012-5554
https://notcve.org/view.php?id=CVE-2012-5554
The default configuration for the Webform CiviCRM Integration module 7.x-3.x before 7.x-3.2 has "Enforce Permissions" disabled, which allows remote attackers to obtain contact information by reading webforms. La configuración por defecto para el módulo de Integración Webform CiviCRM v7.x-3.x antes de v7.x-3.2 tiene "Enforce Permissions" deshabilitado, lo que permite a atacantes remotos obtener información de contacto mediante la lectura de formularios web. • http://drupal.org/node/1768632 http://drupal.org/node/1774252 http://drupal.org/node/1834868 http://www.openwall.com/lists/oss-security/2012/11/20/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •