[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-5654Date: (C)2013-01-07   (M)2023-12-22


The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags, which might allow remote attackers to obtain sensitive information by reading the (1) description, (2) dc.description or (3) og:description meta tags.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
http://www.openwall.com/lists/oss-security/2012/12/20/1
http://drupal.org/node/1859208
http://drupal.org/node/1859282

CPE    52
cpe:/a:nodewords_project:nodewords:6.x-1.12:beta7
cpe:/a:nodewords_project:nodewords:6.x-1.12:beta8
cpe:/a:nodewords_project:nodewords:6.x-1.12:beta5
cpe:/a:nodewords_project:nodewords:6.x-1.12:beta6
...
CWE    1
CWE-200

© SecPod Technologies