CVE-2012-2304

N/A Unknown

Published: August 14, 2012 Modified: April 29, 2026

Description

The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an entity access module, does not check permissions when searching for entities, which allows remote attackers to obtain sensitive information via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://drupal.org/node/1547716

Source: secalert@redhat.com

Patch

http://drupal.org/node/1547738

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/48900

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/05/03/1

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/05/03/2

Source: secalert@redhat.com

http://www.osvdb.org/81557

Source: secalert@redhat.com

http://www.securityfocus.com/bid/53253

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/75183

Source: secalert@redhat.com

http://drupal.org/node/1547716