2 matches found
CVE-2013-2122
The CVE-2013-2122 entry applies to the Drupal contributed module Edit Limit (7.x-1.x) prior to version 7.x-1.3. The underlying issue is an insufficient access check that allows remote authenticated users with the “edit comments” permission to modify comments belonging to other users via unspecifi...
SA-CONTRIB-2013-048 - Edit Limit - Access Bypass
Edit Limit enables you to set time and count-based limits on how and when a user can edit nodes or comments. The module doesn't sufficiently check user access when editing comments to see if the user has the necessary permissions to edit a comment outside of the limits applied by this module. Thi...