CVE-2012-5654

Nodewords: D6 Meta Tags <6.x-1.14 - Info Disclosure

Title source: llm
STIX 2.1

Description

The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags, which might allow remote attackers to obtain sensitive information by reading the (1) description, (2) dc.description or (3) og:description meta tags.

References (3)

Core 3
Core References
Patch x_refsource_confirm
http://drupal.org/node/1859208
Patch, Vendor Advisory x_refsource_misc
http://drupal.org/node/1859282
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/12/20/1

Scores

EPSS 0.0119
EPSS Percentile 64.3%

Details

CWE
CWE-200
Status published
Products (32)
nodewords_project/nodewords 4.7-1.0
nodewords_project/nodewords 4.7-1.1
nodewords_project/nodewords 4.7-1.2
nodewords_project/nodewords 4.7-1.x dev
nodewords_project/nodewords 5.x-1.0
nodewords_project/nodewords 5.x-1.2
nodewords_project/nodewords 5.x-1.3
nodewords_project/nodewords 5.x-1.4
nodewords_project/nodewords 5.x-1.5
nodewords_project/nodewords 5.x-1.7
... and 22 more
Published Jan 03, 2013
Tracked Since Feb 18, 2026