6.8 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.0%
The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the “edit comments” permission to edit arbitrary comments of other users via unspecified vectors.
osvdb.org/93725
seclists.org/fulldisclosure/2013/May/208
secunia.com/advisories/53556
www.openwall.com/lists/oss-security/2013/05/29/9
www.securityfocus.com/bid/60209
drupal.org/node/2006188
drupal.org/node/2007048
exchange.xforce.ibmcloud.com/vulnerabilities/84630