drupal6-mollom

2011-02-13

Page content

Author: Miklos Vajna
Vulnerable: 6.x_1.13-1
Unaffected: 6.x_1.14-1haven1

A security issue has been reported in the Mollom module for Drupal, which may lead to exposure of sensitive information. The security issue is caused due to an error in the module which can lead to certain sensitive user data e.g. a user’s password in clear text being logged via calls to Drupal’s watchdog API. Successful exploitation requires that an attacker has “access site reports” permissions or has access to system syslog files.

Bug Tracker URL: http://bugs.frugalware.org/task/4321

CVEs:

No CVE references, see http://drupal.org/node/912412