Posted on

CVE-2012-3822 (campaign_enterprise)

Arial Campaign Enterprise before 11.0.551 has unauthorized access to the User-Edit.asp page, which allows remote attackers to enumerate users’ credentials.