← back
CVE-2012-4554

CVE-2012-4554

23Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 16%
from disclosure to weapon0 days
Published on NVDNov 11
metasploitOct 17
exploitation probability
16%top 3% of all CVEs
observed exploitation
nono source reports it
The OpenID module in Drupal 7.x before 7.16 allows remote OpenID servers to read arbitrary files via a crafted DOCTYPE declaration in an XRDS file.
Affected products
n/a · n/a