CVE-2012-4495
CVE-2012-4495 affects the Drupal Mime Mail module (6.x-1.x before 6.x-1.1). The root cause is improper restriction of access to files outside Drupal’s publish files directory, allowing remote authenticated users to send arbitrary files as attachments. Impact is that authenticated users can attach...