Vulnerability: Disclosure of sensitive data in Drupal
Danger: Low
If the Patch: Yes
Number of vulnerabilities: 1
Impact: Disclosure of sensitive data
Affected products: Drupal 7.x
Affected versions: Drupal version to 7.16.
Description:
The vulnerability allows a remote user to gain access to sensitive data on the system.
An error in the processing module OpenID malicious DOCTYPE. This can be exploited to disclose the contents of local files, trying to pass through a malicious OpenID authentication server.
Manufacturer : Drupal.org
Solution: Update to version 7.16 from the manufacturer.
links: