Password leaked in URL in Drupal



Risk: Low
Patch available: Yes
Number of vulnerabilities: 1
CVE-ID: N/A
CWE-ID: CWE-284
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Drupal (Web applications / CMS)

Vendor: Drupal

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Password leaked in URL

EUVDB-ID: #VU516

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to steal a user's credentials.
The weakness exists due to an access control error. If an anonymous user enters an incorrect username and password on a page that contains a sortable table, and the submitted credentials are included in that sortable table, they can easily leak to external sites via the HTTP Referer header or via a specially crafted URL on the Drupal page.
Successful exploitation allows a malicious user to obtain a valid user's credentials.
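As an added illustration of the bug class described above (example code written for this entry, not code from the bulletin or from Drupal), the Python below contrasts a sort-link builder that carries every request parameter forward, so a failed login's form fields land in the table's header URLs, with a hardened builder that only preserves an allow-list of query parameters, plus a check that flags credential field names found in a URL. All paths, field names and values are constructed.

```python
from urllib.parse import urlencode, parse_qs, urlparse

# Constructed sample request: a failed login POST to a page that also renders
# a sortable table. The form body carries the credentials; the query string
# carries the table's paging/sort state.
SAMPLE_QUERY = {"order": "title", "sort": "asc", "page": "2"}
SAMPLE_FORM = {"name": "alice", "pass": "hunter2", "form_id": "user_login_block"}

# Query parameters a sort link legitimately needs to preserve (assumption).
SORT_PARAMS = ("page",)
# Submitted field names that must never be copied into a URL (assumption).
SENSITIVE_FIELDS = ("name", "pass", "password")


def sort_link_vulnerable(path, query, form, column):
    """Unsafe pattern: every request parameter (query string AND submitted
    form fields) is carried into the column-header link, so after a failed
    login the credentials end up in the href and then in any Referer."""
    params = {**query, **form, "order": column, "sort": "asc"}
    return f"{path}?{urlencode(params)}"


def sort_link_fixed(path, query, column):
    """Hardened pattern: rebuild the link only from an allow-list of query
    parameters; submitted form fields are never consulted at all."""
    params = {k: v for k, v in query.items() if k in SORT_PARAMS}
    params.update({"order": column, "sort": "asc"})
    return f"{path}?{urlencode(params)}"


def leaked_fields(url):
    """Detection check: return the sensitive field names present in a URL's
    query string, e.g. when reviewing rendered pages or Referer values in
    access logs."""
    qs = parse_qs(urlparse(url).query)
    return sorted(k for k in qs if k in SENSITIVE_FIELDS)


if __name__ == "__main__":
    bad = sort_link_vulnerable("/admin/content", SAMPLE_QUERY, SAMPLE_FORM, "type")
    good = sort_link_fixed("/admin/content", SAMPLE_QUERY, "type")
    print("vulnerable:", bad, "leaks:", leaked_fields(bad))
    print("fixed:     ", good, "leaks:", leaked_fields(good))
```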

Mitigation

Update 5.x to 5.19.
http://ftp.drupal.org/files/projects/drupal-5.19.tar.gz
Update 6.x to 6.13.
http://ftp.drupal.org/files/projects/drupal-6.13.tar.gz

Vulnerable software versions

Drupal: 5.0 - 6.12

External links

http://www.drupal.org/node/507572


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
