CVE-2012-1056

The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
sean_robertsonforward
6.x-1.0:x
sean_robertsonforward
6.x-1.1:x
sean_robertsonforward
6.x-1.2:x
sean_robertsonforward
6.x-1.3:x
sean_robertsonforward
6.x-1.4:x
sean_robertsonforward
6.x-1.5:x
sean_robertsonforward
6.x-1.6:x
sean_robertsonforward
6.x-1.7:x
sean_robertsonforward
6.x-1.8:x
sean_robertsonforward
6.x-1.9:x
sean_robertsonforward
6.x-1.10:x
sean_robertsonforward
6.x-1.11:x
sean_robertsonforward
6.x-1.12:x
sean_robertsonforward
6.x-1.13:x
sean_robertsonforward
6.x-1.14:x
sean_robertsonforward
6.x-1.15:x
sean_robertsonforward
6.x-1.16:x
sean_robertsonforward
6.x-1.17:x
sean_robertsonforward
6.x-1.18:x
sean_robertsonforward
6.x-1.19:x
sean_robertsonforward
6.x-1.20:x
sean_robertsonforward
6.x-1.x-dev:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.1:x
sean_robertsonforward
7.x-1.2:x
sean_robertsonforward
7.x-1.x-dev:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/1423722
http://drupal.org/node/1425150
http://osvdb.org/78817
http://secunia.com/advisories/47851
http://www.securityfocus.com/bid/51826
https://exchange.xforce.ibmcloud.com/vulnerabilities/72920
http://drupal.org/node/1423722
http://drupal.org/node/1425150
http://osvdb.org/78817
http://secunia.com/advisories/47851
http://www.securityfocus.com/bid/51826
https://exchange.xforce.ibmcloud.com/vulnerabilities/72920