CVE-2009-3782

The CVE affects Drupal’s Userpoints 6.x prior to 6.x-1.1. It allows remote authenticated users with the "View own userpoints" permission to read arbitrary users’ userpoint data via unknown attack vectors. The vulnerability’s impact is partial confidentiality; no exploit details are provided. Reme...