Security Advisory

CVE-2012-2296

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-07-25 21:00:00
Last updated 2024-08-06 19:26:09
Assigner redhat
State PUBLISHED

Description

The Janrain Engage (formerly RPX) module for Drupal 6.x-1.x. 6.x-2.x before 6.x-2.2, and 7.x-2.x before 7.x-2.2 stores user profile data from Engage in session tables, which might allow remote attackers to obtain sensitive information by leveraging a separate vulnerability.