MidnightBSD

Advisories for sebastien_corbin

CVE-2013-4379 MEDIUM

The Make Meeting Scheduler module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to bypass intended access restrictions for a poll via a direct request to the node's URL instead of the hashed URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sebastien_corbin make_meeting_scheduler_module 6.x-1.2
sebastien_corbin make_meeting_scheduler_module 6.x-1.x
sebastien_corbin make_meeting_scheduler_module 6.x-1.1
sebastien_corbin make_meeting_scheduler_module 6.x-1.0