Drupal » Drupal : Security Vulnerabilities, CVEs, Published In 2012 (Information Leak) CVSS score >= 3
The request_path function in includes/bootstrap.inc in Drupal 7.14 and earlier allows remote attackers to obtain sensitive information via the q[] parameter to index.php, which reveals the installation path in an error message.
Max CVSS
5.0
EPSS Score
0.73%
Published
2012-05-21
Updated
2017-08-29
1 vulnerabilities found