Vulnerabilities (CVE)

Filtered by vendor Mime Mail Module Project Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-4495 2 Drupal, Mime Mail Module Project 2 Drupal, Mimemail 2024-11-21 4.0 MEDIUM N/A
The Mime Mail module 6.x-1.x before 6.x-1.1 for Drupal does not properly restrict access to files outside Drupal's publish files directory, which allows remote authenticated users to send arbitrary files as attachments.