MidnightBSD

Advisories for quade

CVE-2013-2122 MEDIUM

The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
quade edit_limit 7.x-1.1
quade edit_limit 7.x-1.x
quade edit_limit 7.x-1.0
quade edit_limit 7.x-1.2