MidnightBSD

Advisories for johan_lindskog

CVE-2011-0899 MEDIUM

The AES encryption module 7.x-1.4 for Drupal leaves certain debugging code enabled in release, which records the plaintext password of the last logged-in user and allows remote attackers to gain privileges as that user.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
johan_lindskog aes_encryption_module 7.x-1.4