CVE-2009-4515

Name of the Vulnerable Software and Affected Versions Storm module versions prior to 6.x-1.25 for Drupal

Description The issue allows remote attackers to read node titles via unspecified vectors because it does not enforce privilege requirements for storminvoiceitem nodes.

Recommendations For Storm module versions prior to 6.x-1.25, update to version 6.x-1.25 or later to resolve the issue.