CVE-2012-1056

2012-02-14T00:55:00
ID CVE-2012-1056
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:31:00

Description

The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.