CVE-2012-3802

medium

Description

Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75716

http://www.securityfocus.com/bid/53589

http://www.openwall.com/lists/oss-security/2012/06/14/3

http://drupal.org/node/1585648

Details

Source: Mitre, NVD

Published: 2012-06-27

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00322