Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The BOTCHA Spam Prevention module 7.x-1.x before 7.x-1.6, 7.x-2.x before 7.x-2.1, and 7.x-3.x before 7.x-3.3 for Drupal, when the debugging level is set to 5 or 6, logs the content of submitted forms, which allows context-dependent users to obtain sensitive information such as usernames and passwords by reading the log file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal BOTCHA Spam Prevention模块信息泄露漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。BOTCHA Spam Prevention是其中的一个非CAPTCHA(验证码)垃圾邮件保护框架模块。 Drupal平台下的BOTCHA Spam Prevention模块中存在安全漏洞,该漏洞源于在调试等级设置为5或6的情况下,程序在日志中记录了所提交表单的内容。上下文相关的攻击者可通过读取日志文件利用该漏洞获取敏感信息。以下版本受到影响:BOTCHA Spam Prevention模块7.x-1.6之前的7.x-1
CVSS Information
N/A
Vulnerability Type
N/A