Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-1590

Опубликовано: 01 окт. 2012
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*

EPSS

Процентиль: 56%
0.00346
Низкий

4 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2012-1590

ubuntu
больше 12 лет назад

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page.

debian логотип

CVE-2012-1590

debian
больше 12 лет назад

The forum list in Drupal 7.x before 7.14 does not properly check user ...

github логотип

GHSA-pp4m-6679-4g83

github
около 3 лет назад

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page.

EPSS

Процентиль: 56%
0.00346
Низкий

4 Medium

CVSS2

Дефекты

CWE-264