CVE-2012-2724 (simplenews)

Leave a reply

The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page.

View Full Alert

Related Posts

  • CVE-2012-2724

    The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows…

  • CVE-2012-5582

    opendnssec misuses libcurl API View Full Alert

  • CVE-2012-1563

    Joomla! before 2.5.3 allows Admin Account Creation. View Full Alert

Leave a Reply