Vulnerability Details CVE-2012-3798
The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.0%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2012-3798
-
cpe:2.3:a:bryce_hamrick:janrain_capture:6.x-1.0
-
cpe:2.3:a:bryce_hamrick:janrain_capture:7.x-1.0
-
cpe:2.3:a:drupal:drupal:-