Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Simplenews 信息泄露漏洞
Vulnerability Description
Drupal是Drupal社区的一套使用PHP语言开发的开源内容管理系统。Simplenews是其中的一个新闻信息发布和将新闻信息发送给订阅用户的模块。 Simplenews 6.x-1.4之前的6.x-1.x版本、6.x-2.0-alpha4之前的6.x-2.x版本和7.x-1.0-rc1之前的7.x-1.x版本(用于Drupal)中存在信息泄露漏洞。远程攻击者可借助配置页面利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A