CVE-2012-5654

Name of the Vulnerable Software and Affected Versions Drupal Nodewords: D6 Meta Tags module versions prior to 6.x-1.14

Description The issue arises when the module is configured to automatically generate description meta tags from node text. It fails to properly filter node content, potentially allowing remote attackers to obtain sensitive information by reading the description, dc.description, or og:description meta tags.

Recommendations For versions prior to 6.x-1.14, update to version 6.x-1.14 or later to resolve the issue. As a temporary workaround, consider disabling the automatic generation of description meta tags from node text until the update is applied. Restrict access to sensitive node content to minimize the risk of exploitation.