Description
Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).
Remediation
References
Related Vulnerabilities
WordPress Plugin AVH Extended Categories Widgets Unspecified Vulnerability (4.0.2)
OpenSSL Use After Free Vulnerability (CVE-2016-6309)
MySQL CVE-2013-1511 Vulnerability (CVE-2013-1511)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4408)
WordPress Plugin Easy Comment Uploads 'upload.php' Arbitrary File Upload (0.61)