MidnightBSD

Advisories for uc_profile_project

CVE-2015-8232 MEDIUM

The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
uc_profile_project uc_profile 6.x-1.1
uc_profile_project uc_profile 6.x-1.2