CVE-2012-2724
09.01.2020, 20:15
The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page.Enginsight
| Vendor | Product | Version |
|---|---|---|
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.1:x |
| md-systems | simplenews | 6.x-1.2:x |
| md-systems | simplenews | 6.x-1.3:x |
| md-systems | simplenews | 6.x-2.0:x |
| md-systems | simplenews | 6.x-2.0:x |
| md-systems | simplenews | 6.x-2.0:x |
| md-systems | simplenews | 6.x-2.x:x |
| md-systems | simplenews | 7.x-1.0:x |
| md-systems | simplenews | 7.x-1.0:x |
| md-systems | simplenews | 7.x-1.0:x |
| md-systems | simplenews | 7.x-1.0:x |
| md-systems | simplenews | 7.x-1.0:x |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References