Vulnerabilities > Drupal > Drupal > 7.x
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-10-28 | CVE-2012-0825 | Information Exposure vulnerability in Drupal Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without detection via a man-in-the-middle (MITM) attack. | 6.8 |