The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/84630
https://drupal.org/node/2007048
https://drupal.org/node/2006188
http://www.securityfocus.com/bid/60209
http://www.openwall.com/lists/oss-security/2013/05/29/9
http://secunia.com/advisories/53556