Sensitive Information Exposure in Drupal Chatroom Module
CVE-2006-6529

Currently unrated

Key Information:

Vendor

Drupal

Vendor
CVE Published:
14 December 2006

What is CVE-2006-6529?

The Chatroom Module for Drupal, prior to version 4.7.x-1.0, has a significant flaw where it incorrectly displays private messages in the last messages overview. This design oversight allows unauthorized users to access and read private messages, which could lead to unauthorized information disclosure. Attackers can exploit this vulnerability to gain insights into confidential communications, posing a serious threat to user privacy and data integrity.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.
CVE-2006-6529 : Sensitive Information Exposure in Drupal Chatroom Module