CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
EPSS
Percentile
99.7%
CVE: CVE-2012-2297
The Creative Commons module allows users to select and assign a Creative Commons license to a node and any attached content, or to the entire site. The module did not sufficiently filter the text describing licenses. This vulnerability is mitigated by the fact that an attacker must have a role with the permission “administer creative commons”.
Drupal core is not affected. If you do not use the contributed Creative Commons module, there is nothing you need to do.
Install the latest version:
Also see the Creative Commons project page.