CVE-2012-4554
23Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 16%
from disclosure to weapon0 days
Published on NVDNov 11
metasploitOct 17
exploitation probability
16%top 3% of all CVEs
observed exploitation
nono source reports it
The OpenID module in Drupal 7.x before 7.16 allows remote OpenID servers to read arbitrary files via a crafted DOCTYPE declaration in an XRDS file.
Affected products
n/a · n/a