CVE-2012-3798

2022-10-0316:15:23

mitre

www.cve.org

janrain

capture module

drupal

vulnerability

password guessing

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.

References

drupal.org/node/1632702

drupal.org/node/1632704

drupal.org/node/1632734

osvdb.org/82957