CVE-2012-2724
The vulnerability CVE-2012-2724 affects the Drupal Simplenews module (versions 6.x-1.x prior to 6.x-1.4, 6.x-2.x prior to 6.x-2.0-alpha4, and 7.x-1.x prior to 7.x-1.0-rc1). The root cause is information disclosure: when confirmation is required for new subscribers, the confirmation page reveals t...