Unspecified Impact Vulnerability in Drupal XRDS Document Parsing

Unspecified Impact Vulnerability in Drupal XRDS Document Parsing

CVE-2014-5267 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

modules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 allows remote attackers to have unspecified impact via a crafted DOCTYPE declaration in an XRDS document.

Learn more about our Web Application Penetration Testing UK.