Ushahidi : Security Vulnerabilities, CVEs, Published In 2012 (Information Leak)
The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP address, and other attributes of the author of a comment via an API function call.
Max CVSS
5.0
EPSS Score
0.34%
Published
2012-08-12
Updated
2012-08-13
1 vulnerabilities found