CVE-2012-2922
Publication date 21 May 2012
Last updated 24 July 2024
Ubuntu priority
The request_path function in includes/bootstrap.inc in Drupal 7.14 and earlier allows remote attackers to obtain sensitive information via the q[] parameter to index.php, which reveals the installation path in an error message.
Status
Package | Ubuntu Release | Status |
---|---|---|
drupal7 | ||
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty |
Not affected
|
|