CVE-2012-2922

2012-05-21T22:55:00
ID CVE-2012-2922
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:31:00

Description

The request_path function in includes/bootstrap.inc in Drupal 7.14 and earlier allows remote attackers to obtain sensitive information via the q[] parameter to index.php, which reveals the installation path in an error message.