Denial of service in Drupal - CVE-2012-1588
Published: September 15, 2016 / Updated: November 22, 2018
Vulnerability identifier: #VU469
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2012-1588
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Drupal
Affected software:
Drupal
Drupal
Detailed vulnerability description
The vulnerability allows a remote user to cause service on the target system deny.
The weakness is caused by inefficient Drupal's text matching. Inability to filter texts and remove inappropriate HTML tags allows a malicious user to trigger denial of service.
Successful exploitation of the vulnerability may results in denial of service on the vulnerable system.
The weakness is caused by inefficient Drupal's text matching. Inability to filter texts and remove inappropriate HTML tags allows a malicious user to trigger denial of service.
Successful exploitation of the vulnerability may results in denial of service on the vulnerable system.