CVE-2012-3474
EUVD-2012-343012.08.2012, 21:55
The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP address, and other attributes of the author of a comment via an API function call.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ushahidi | ushahidi_platform | 𝑥 ≤ 2.4.1 |
| ushahidi | ushahidi_platform | 1.0 |
| ushahidi | ushahidi_platform | 1.2 |
| ushahidi | ushahidi_platform | 2.0 |
| ushahidi | ushahidi_platform | 2.1 |
| ushahidi | ushahidi_platform | 2.2 |
| ushahidi | ushahidi_platform | 2.2.1 |
| ushahidi | ushahidi_platform | 2.3.1 |
| ushahidi | ushahidi_platform | 2.3.2 |
| ushahidi | ushahidi_platform | 2.4 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration