CVE-2012-2724
09.01.2020, 20:15
The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.0:x |
| md-systems | simplenews | 6.x-1.1:x |
| md-systems | simplenews | 6.x-1.2:x |
| md-systems | simplenews | 6.x-1.3:x |
| md-systems | simplenews | 6.x-2.0:x |
| md-systems | simplenews | 6.x-2.0:x |
| md-systems | simplenews | 6.x-2.0:x |
| md-systems | simplenews | 6.x-2.x:x |
| md-systems | simplenews | 7.x-1.0:x |
| md-systems | simplenews | 7.x-1.0:x |
| md-systems | simplenews | 7.x-1.0:x |
| md-systems | simplenews | 7.x-1.0:x |
| md-systems | simplenews | 7.x-1.0:x |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References