Описание
The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags, which might allow remote attackers to obtain sensitive information by reading the (1) description, (2) dc.description or (3) og:description meta tags.
Уязвимые конфигурации
Конфигурация 1Версия до 6.x-1.14 (включая)
Одновременно
Одно из
cpe:2.3:a:nodewords_project:nodewords:*:beta2:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:4.7-1.0:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:4.7-1.1:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:4.7-1.2:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:4.7-1.x:dev:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.0:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.2:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.3:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.4:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.5:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.7:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.8:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.8:rc1:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.9:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.10:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.11:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.12:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.13:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:5.x-1.x:dev:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.0:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.1:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.2:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:alpha1:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:alpha2:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:beta3:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:beta4:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:beta5:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.4:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.5:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.6:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.7:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.8:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.9:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.10:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.11:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta1:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta2:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta3:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta4:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta5:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta6:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta7:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta8:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta9:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:rc1:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.13:*:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.13:rc1:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.13:rc2:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.14:beta1:*:*:*:*:*:*
cpe:2.3:a:nodewords_project:nodewords:6.x-1.x:dev:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00283
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
около 3 лет назад
The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags, which might allow remote attackers to obtain sensitive information by reading the (1) description, (2) dc.description or (3) og:description meta tags.
EPSS
Процентиль: 51%
0.00283
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200