Security Advisory

CVE-2012-2340

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-05-21 20:00:00

Last updated 2024-08-06 19:34:23

Assigner redhat

State PUBLISHED

Description

The Contact Forms module 7.x-1.x before 7.x-1.2 for Drupal does not specify sufficiently restrictive permissions, which allows remote authenticated users with the "access the site-wide contact form" permission to modify the module settings via unspecified vectors.

← Browse all CVEs View on cve.org ↗