Johan Lindskog » Aes Encryption Module : Security Vulnerabilities, CVEs, CVSS score >= 1
The AES encryption module 7.x-1.4 for Drupal leaves certain debugging code enabled in release, which records the plaintext password of the last logged-in user and allows remote attackers to gain privileges as that user.
Max CVSS
5.0
EPSS Score
0.50%
Published
2011-02-07
Updated
2017-08-17
1 vulnerabilities found