[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Information disclosure vulnerability in Drupal's Realname User Reference Widget contributed module (version 6.x-1.0)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Information disclosure vulnerability in Drupal's Realname User Reference Widget contributed module (version 6.x-1.0)
From: mori@xxxxxxxxxxxxx
Date: 27 Feb 2010 23:34:44 -0000

We have determined that Realname module and Realname userreference module do 
not share information that should be hidden. After all, both account->name and 
realname fields are _intended_ for display. Therefore this is not considered a 
vulnerability.

Mori Sugimoto (http://drupal.org/user/82971 )
Drupal Security Team Coordinator

Prev by Date: Month of PHP Security 2010 - CALL FOR PAPERS
Next by Date: Re: Re: Circumventing Critical Security in Windows XP
Previous by thread: Month of PHP Security 2010 - CALL FOR PAPERS
Next by thread: Re: Re: Circumventing Critical Security in Windows XP
Index(es):
- Date
- Thread