Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2012-2722

Published: 27/06/2012 Updated: 29/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Node Embed

Vulnerability Summary

The node selection interface in the WYSIWYG editor (CKEditor) in the Node Embed module 6.x-1.x prior to 6.x-1.5 and 7.x-1.x prior to 7.x-1.0 for Drupal does not properly check permissions, which allows remote malicious users to bypass intended access restrictions and read node titles.

Vulnerable Product Search on Vulmon Subscribe to Product

scott_reynen node_embed 6.x-1.1

scott_reynen node_embed 6.x-1.2

scott_reynen node_embed 6.x-1.0

scott_reynen node_embed 7.x-1.0

scott_reynen node_embed 7.x-1.x

scott_reynen node_embed 6.x-1.3

scott_reynen node_embed 6.x-1.4

References

CWE-264http://www.osvdb.org/82735http://drupal.org/node/1618428http://drupalcode.org/project/node_embed.git/commitdiff/d06f022http://www.securityfocus.com/bid/53835http://www.openwall.com/lists/oss-security/2012/06/14/3http://drupalcode.org/project/node_embed.git/commitdiff/7a2296chttp://secunia.com/advisories/48348http://drupal.org/node/1619824http://drupal.org/node/1618430https://exchange.xforce.ibmcloud.com/vulnerabilities/76148https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook