CVE-2007-5597
CVE-2007-5597 affects Drupal core: hook_comments in Drupal 4.7.x (before 4.7.8) and 5.x (before 5.3) does not pass the publication status of comments. This can allow attackers to bypass access restrictions and cause modules (e.g., Organic groups, Subscriptions) to mail or process unpublished comm...