CVE-2012-5654

Published Jan 3, 2013
Last updated 4 months ago
CVSS info 4.3
Overview

Description: The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags, which might allow remote attackers to obtain sensitive information by reading the (1) description, (2) dc.description or (3) og:description meta tags.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-200
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:*:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C6F3DF2-8915-44B4-9826-C645BE7198C0",
            "versionEndIncluding": "6.x-1.14"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:4.7-1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0FA9DB5-B822-4C51-A9F7-ED579281FE18"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:4.7-1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8970576E-AF70-4E96-ACCC-7B89409943F4"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:4.7-1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85A2DD85-58B8-412A-94FD-F33553252669"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:4.7-1.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0ED3A756-B12B-40C4-B409-1B9297B00378"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C98E29E2-2308-41ED-B214-09575C25E0A1"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A5727AB-C735-4E22-B9E1-220C731EDE77"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C4A74A6-D8CB-44D2-8745-39629E38B15C"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85F7883D-52BD-4182-AD6B-DC85B8774899"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A28145D9-3AAE-4448-9894-C7BD49819D28"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "011492F2-3857-4727-9C53-1C3E48E5C4A4"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CC03788-B74C-4474-8333-3004B3B4A700"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.8:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E077CBD2-9568-4818-A957-591388737E96"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07282EC3-346F-466C-96E3-B881BD3E27ED"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C55576BF-674B-416B-83AA-29F1B850D785"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45439E8E-2275-40DA-AE29-309F51E7781A"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E537D0FC-FF01-4442-BE0E-63F7516A9964"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C80C0D7-C57E-43AD-ABAC-5F7A7C1CA755"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:5.x-1.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C08CB344-7E2C-44EA-903B-833F5EBE5927"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4EDD10C-10C8-4D4C-9DC4-5F1A8557899D"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "606DAABD-B67F-4FF2-9335-FEB5E4D63AC8"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB3A50A9-FD8F-4803-80EF-0D02788C9713"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EF59C7B-9B93-4B03-987F-BCC3E3940049"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2218F66F-1111-4731-B584-F9CC0575EE50"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:alpha1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2173265A-2E85-4289-8E4E-AD6DA7064B25"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:alpha2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF39A30B-674B-4960-9C1D-2C353CBD73D5"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC1EB041-8A4A-4A3F-B5E3-30A2B333FE9F"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:beta4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17E3BD9C-FE67-4DA3-A505-2705DAC8B90D"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.3:beta5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC494BB0-0F33-4381-AF62-19A85B3F0798"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCD1D484-B8BF-494A-802E-C575C2BEBE26"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37EFF8D6-7593-4351-9EF9-6FB0C38069FA"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFF84EDC-3422-4F79-B71B-DCD1A5A4CF5F"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "589A8787-52DF-4343-B013-9F9D0C73B1F0"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "049C6AF1-8D59-40BD-885B-3B809A8F1546"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4DBD36B-7990-43F6-9DD4-29E9F45F681D"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "984D91D5-6DA5-47A1-ABC6-FEEFE5433749"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FB18C2C-684B-4C4D-8FE5-570C233DBCE4"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "355B4363-9C50-41A1-A721-82B8CD323BBC"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD104382-CB02-4339-874E-10675742D795"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C835FE2E-D8FC-407D-B1CE-5A0F4D53A693"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA35B38F-DDBF-42BC-8904-E58292C234CB"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4EAB97E-3490-47BF-8F0D-861BFFCE3512"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EBB1F76-8267-45AA-9A21-78B5C8DE2D3A"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D04F01F-781A-46E9-A8EF-6542B0BFC1C1"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7114B202-BADD-4678-83C8-6732FD38E9AC"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:beta9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C5217EE-48BD-42E9-A1FC-9D74FC8E3C98"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.12:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5ADBE1E3-0307-482D-9568-B4BBA791CACA"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "430D2D01-AA6B-493D-88D8-B261B4B09853"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.13:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8392C41E-F9D2-499D-AF5E-C345BC90A9BB"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.13:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7F6C7F2-CD66-41E4-8AE2-B88946E041C6"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.14:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9294D41D-055F-4AFF-8A68-24F3226EC8E8"
          },
          {
            "criteria": "cpe:2.3:a:nodewords_project:nodewords:6.x-1.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5C8EB10-A534-4171-AC66-96B646B395E9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
