Application: Drupal Comment Upload Module
Affected Version: prior to 4.7.x-0.1 and prior to 5.x-0.1.
Vendor’s URL: http://drupal.org/project/comment_upload
Bug Type: File Inclusion
Risk Level: Critical
Solution:
Update to Comment Upload 4.7.x-0.1 or 5.x-0.1
