CVE-2012-5654 in Nodewordsinfo

Summary

The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags, which might allow remote attackers to obtain sensitive information by reading the (1) description, (2) dc.description or (3) og:description meta tags.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

10/24/2012

Disclosure

01/02/2013

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.3

EPSS

0.00283

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-5654
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5654
CVE Details	https://www.cvedetails.com/cve/CVE-2012-5654/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!