Unrated severityNVD Advisory· Published Jun 27, 2012· Updated Apr 29, 2026

CVE-2012-3798

Description

The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.

Affected products

Bryce Hamrick/Janrain Capture2 versions
cpe:2.3:a:bryce_hamrick:janrain_capture:6.x-1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:bryce_hamrick:janrain_capture:6.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:bryce_hamrick:janrain_capture:7.x-1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

drupal.org/node/1632702nvdPatch
drupal.org/node/1632704nvdPatch
drupal.org/node/1632734nvdPatchVendor Advisory
osvdb.org/82957nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000