CVE-2009-3921

Name of the Vulnerable Software and Affected Versions Smartqueue og module versions 5.x before 5.x-1.3 Smartqueue og module versions 6.x before 6.x-1.0-rc3

Description The issue concerns the Smartqueue og module for Drupal, where it fails to verify group-node privileges in certain situations involving subqueue creation. This allows remote authenticated users to discover arbitrary organic group names by reading confirmation messages.

Recommendations For Smartqueue og module versions 5.x before 5.x-1.3, update to version 5.x-1.3 or later. For Smartqueue og module versions 6.x before 6.x-1.0-rc3, update to version 6.x-1.0-rc3 or later.