CVE-2015-8232

UC Profile module <6.x-1.3 - Info Disclosure

Title source: llm
STIX 2.1

Description

The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.drupal.org/node/2613444
Patch x_refsource_confirm
https://www.drupal.org/node/2612812

Scores

EPSS 0.0109
EPSS Percentile 61.3%

Details

CWE
CWE-200
Status published
Products (2)
uc_profile_project/uc_profile 6.x-1.1 (4 CPE variants)
uc_profile_project/uc_profile 6.x-1.2
Published Nov 17, 2015
Tracked Since Feb 18, 2026