5

CVE-2012-1056

The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sean RobertsonForward Version6.x-1.0
   DrupalDrupal
Sean RobertsonForward Version6.x-1.1
   DrupalDrupal
Sean RobertsonForward Version6.x-1.2
   DrupalDrupal
Sean RobertsonForward Version6.x-1.3
   DrupalDrupal
Sean RobertsonForward Version6.x-1.4
   DrupalDrupal
Sean RobertsonForward Version6.x-1.5
   DrupalDrupal
Sean RobertsonForward Version6.x-1.6
   DrupalDrupal
Sean RobertsonForward Version6.x-1.7
   DrupalDrupal
Sean RobertsonForward Version6.x-1.8
   DrupalDrupal
Sean RobertsonForward Version6.x-1.9
   DrupalDrupal
Sean RobertsonForward Version6.x-1.10
   DrupalDrupal
Sean RobertsonForward Version6.x-1.11
   DrupalDrupal
Sean RobertsonForward Version6.x-1.12
   DrupalDrupal
Sean RobertsonForward Version6.x-1.13
   DrupalDrupal
Sean RobertsonForward Version6.x-1.14
   DrupalDrupal
Sean RobertsonForward Version6.x-1.15
   DrupalDrupal
Sean RobertsonForward Version6.x-1.16
   DrupalDrupal
Sean RobertsonForward Version6.x-1.17
   DrupalDrupal
Sean RobertsonForward Version6.x-1.18
   DrupalDrupal
Sean RobertsonForward Version6.x-1.19
   DrupalDrupal
Sean RobertsonForward Version6.x-1.20
   DrupalDrupal
Sean RobertsonForward Version6.x-1.x-dev
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updatealpha1
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updatealpha2
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updatealpha3
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updaterc1
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updaterc2
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updaterc3
   DrupalDrupal
Sean RobertsonForward Version7.x-1.0 Updaterc4
   DrupalDrupal
Sean RobertsonForward Version7.x-1.1
   DrupalDrupal
Sean RobertsonForward Version7.x-1.2
   DrupalDrupal
Sean RobertsonForward Version7.x-1.x-dev
   DrupalDrupal
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.45% 0.628
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://drupal.org/node/1425150
Patch
Vendor Advisory