Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2012-1590

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page.

  • Published: Oct 1, 2012
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-1590
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
drupal / drupal 7.0-alpha5 7.0-alpha5.x
drupal / drupal 7.0-dev 7.0-dev.x
drupal / drupal 7.0-alpha7 7.0-alpha7.x
drupal / drupal 7.0-rc2 7.0-rc2.x
drupal / drupal 7.0-rc4 7.0-rc4.x
drupal / drupal 7.0-beta2 7.0-beta2.x
drupal / drupal 7.0-rc3 7.0-rc3.x
drupal / drupal 7.0-alpha1 7.0-alpha1.x
drupal / drupal 7.3 7.3.x
drupal / drupal 7.8 7.8.x
drupal / drupal 7.0-alpha4 7.0-alpha4.x
drupal / drupal 7.13 7.13.x
drupal / drupal 7.5 7.5.x
drupal / drupal 7.10 7.10.x
drupal / drupal 7.6 7.6.x
drupal / drupal 7.12 7.12.x
drupal / drupal 7.9 7.9.x
drupal / drupal 7.0-rc1 7.0-rc1.x
drupal / drupal 7.0-beta3 7.0-beta3.x
drupal / drupal 7.4 7.4.x
drupal / drupal 7.x-dev 7.x-dev.x
drupal / drupal 7.0-alpha2 7.0-alpha2.x
drupal / drupal 7.11 7.11.x
drupal / drupal 7.0-alpha6 7.0-alpha6.x
drupal / drupal 7.0 7.0.x
drupal / drupal 7.0-beta1 7.0-beta1.x
drupal / drupal 7.1 7.1.x
drupal / drupal 7.7 7.7.x
drupal / drupal 7.0-alpha3 7.0-alpha3.x
drupal / drupal 7.2 7.2.x