CVE-2012-4498

EUVD-2012-4427
The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not properly restrict access to the "Campaign" content type, which might allow remote attackers to bypass access restrictions and possibly have other unspecified impact.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
morbus_iffactivism
6.x-2.0:x
morbus_iffactivism
6.x-2.x:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/1762152
http://drupal.org/node/1762160
http://www.openwall.com/lists/oss-security/2012/10/04/6
http://www.openwall.com/lists/oss-security/2012/10/07/1
http://drupal.org/node/1762152
http://drupal.org/node/1762160
http://www.openwall.com/lists/oss-security/2012/10/04/6
http://www.openwall.com/lists/oss-security/2012/10/07/1