CVE-2012-6563

Name of the Vulnerable Software and Affected Versions Elgg versions prior to 1.8.5

Description The issue arises from improper clearing of cached access lists during plugin boot in the engine/lib/access.php file. This allows remote attackers to read private entities via unspecified vectors.

Recommendations For versions prior to 1.8.5, update to version 1.8.5 or later to resolve the issue.