Security Advisory

CVE-2014-9026

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-11-20 17:00:00

Last updated 2024-09-16 16:48:17

Assigner mitre

State PUBLISHED

Description

The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not properly protect the per-user order history view, which allows remote authenticated users with the "view own orders" permission to obtain sensitive information via unspecified vectors.

← Browse all CVEs View on cve.org ↗