4.3

CVE-2012-5654

EPSS 0.28%
Veröffentlicht 03.01.2013 01:55:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags, which might allow remote attackers to obtain sensitive information by reading the (1) description, (2) dc.description or (3) og:description meta tags.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nodewords Project ≫ Nodewords Updatebeta2 Version <= 6.x-1.14

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version4.7-1.0

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version4.7-1.1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version4.7-1.2

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version4.7-1.x Updatedev

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.0

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.2

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.3

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.4

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.5

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.7

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.8

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.8 Updaterc1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.9

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.10

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.11

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.12

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.13

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version5.x-1.x Updatedev

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.0

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.0 Updaterc1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.2

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.3

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.3 Updatealpha1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.3 Updatealpha2

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.3 Updatebeta3

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.3 Updatebeta4

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.3 Updatebeta5

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.4

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.5

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.6

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.7

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.8

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.9

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.10

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.11

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta2

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta3

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta4

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta5

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta6

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta7

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta8

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updatebeta9

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.12 Updaterc1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.13

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.13 Updaterc1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.13 Updaterc2

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.14 Updatebeta1

Drupal ≫ Drupal Version-

Nodewords Project ≫ Nodewords Version6.x-1.x Updatedev

Drupal ≫ Drupal Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.28%	0.487

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.openwall.com/lists/oss-security/2012/12/20/1

http://drupal.org/node/1859208

Patch

http://drupal.org/node/1859282

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2012-5654

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-5654

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-5654

EUVD