CVE-2012-4554
Published
November 11, 2012
Description The OpenID module in Drupal 7.x before 7.16 allows remote OpenID servers to read arbitrary files via a crafted DOCTYPE declaration in an XRDS file.
Affected Projects2 Configurations31 References4
drupal/drupal GitHubVerbatim mirror of the git.drupal.org repository for Drupal core. Please see the https://github.com/drupal/drupal#contributing. PRs are not accepted on GitHub. = 7.0, = 7.15, = 7.8, = 7.9, = 7.10, = 7.3, = 7.5, = 7.12, = 7.14, = 7.4, = 7.6, = 7.11, = 7.13, = 7.7, = 7.1, = 7.2 NVD
drupal NPMImplementation of parts of Drupal’s user/access control API. = 7.0, = 7.15, = 7.8, = 7.9, = 7.10, = 7.3, = 7.5, = 7.12, = 7.14, = 7.4, = 7.6, = 7.11, = 7.13, = 7.7, = 7.1, = 7.2 NVD