0.003 Low
EPSS
Percentile
69.5%
The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page.
drupal.org/node/1557938
launchpad.net/bugs/cve/CVE-2012-1590
nvd.nist.gov/vuln/detail/CVE-2012-1590
security-tracker.debian.org/tracker/CVE-2012-1590
www.cve.org/CVERecord?id=CVE-2012-1590