7.3 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
64.5%
The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, which allows remote attackers to read arbitrary payments.
drupalcode.org/project/payment.git/commitdiff/62c9186
www.openwall.com/lists/oss-security/2013/01/15/3
drupal.org/node/1871508
drupal.org/node/1883830
drupal.org/node/1884360