Janrain Capture Module Vulnerability: Password Generation Input Leakage

Janrain Capture Module Vulnerability: Password Generation Input Leakage

CVE-2012-3798 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.

Learn more about our User Device Pen Test.