CVE-2012-1056

EUVD-2012-1093
The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
Affected Products (NVD)
VendorProductVersion
sean_robertsonforward
6.x-1.0:x
sean_robertsonforward
6.x-1.1:x
sean_robertsonforward
6.x-1.2:x
sean_robertsonforward
6.x-1.3:x
sean_robertsonforward
6.x-1.4:x
sean_robertsonforward
6.x-1.5:x
sean_robertsonforward
6.x-1.6:x
sean_robertsonforward
6.x-1.7:x
sean_robertsonforward
6.x-1.8:x
sean_robertsonforward
6.x-1.9:x
sean_robertsonforward
6.x-1.10:x
sean_robertsonforward
6.x-1.11:x
sean_robertsonforward
6.x-1.12:x
sean_robertsonforward
6.x-1.13:x
sean_robertsonforward
6.x-1.14:x
sean_robertsonforward
6.x-1.15:x
sean_robertsonforward
6.x-1.16:x
sean_robertsonforward
6.x-1.17:x
sean_robertsonforward
6.x-1.18:x
sean_robertsonforward
6.x-1.19:x
sean_robertsonforward
6.x-1.20:x
sean_robertsonforward
6.x-1.x-dev:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.0:x
sean_robertsonforward
7.x-1.1:x
sean_robertsonforward
7.x-1.2:x
sean_robertsonforward
7.x-1.x-dev:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/1423722
http://drupal.org/node/1425150
http://osvdb.org/78817
http://secunia.com/advisories/47851
http://www.securityfocus.com/bid/51826
https://exchange.xforce.ibmcloud.com/vulnerabilities/72920
http://drupal.org/node/1423722
http://drupal.org/node/1425150
http://osvdb.org/78817
http://secunia.com/advisories/47851
http://www.securityfocus.com/bid/51826
https://exchange.xforce.ibmcloud.com/vulnerabilities/72920