Skip to main content

Certify

1 CVEs product

Monthly

CVE-2015-3404 MEDIUM PATCH This Month

The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Certify
NVD
CVSS 2.0
4.0
EPSS
0.1%
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Certify
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy