Janrain Capture Module Vulnerability: Password Generation Input Leakage
CVE-2012-3798 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.
Learn more about our User Device Pen Test.