CVE-2015-3404

Name of the Vulnerable Software and Affected Versions Certify module for Drupal versions prior to 6.x-2.3

Description The issue allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information. This is due to the module not properly performing node access checks, specifically when showing and creating PDF certificates.

Recommendations For versions prior to 6.x-2.3, update to version 6.x-2.3 or later to resolve the issue.