The Entity Registration module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to obtain sensitive event registration information by leveraging the "Register other accounts" permission and knowledge of usernames.
Max CVSS
4.3
EPSS Score
0.24%
Published
2017-09-13
Updated
2017-09-26
1 vulnerabilities found