CVE-2010-1536

Published Apr 26, 2010
Last updated 15 years ago
CVSS info 2.1
Overview

Description: Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:N/AC:H/Au:S/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADCD5F83-31E8-4207-B35F-684F0E519516"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09639FCD-6A4E-4E65-B0F6-90E1321953A0"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7353C01-7FC5-4483-98E4-6AAE7BD5D551"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-1.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AC7858D-9736-46B5-9CE1-052F62123836"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9675F78-FF3C-464B-B1CE-596173E66073"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-2.0:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98DA58F2-F6D4-470A-B1FA-CE5C990A194C"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-2.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "558CAEA2-D27F-42FD-900D-99C99D2368D2"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-2.0:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "354857C5-C14C-40CC-A324-017878419C8D"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-2.0:beta5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99B51DC7-1EA9-4CDA-A7E8-1558C68093BD"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E0F0DC8-070C-457E-A1FF-344D1F5E81F4"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:5.x-2.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AF7BACF-7FD1-488B-872C-E54CFD93546B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DEC5BCC-22F5-4D17-85BB-80BF4096B987"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC2F2CFA-8440-417C-A255-AB61A7A2D9D0"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F25C991A-C280-4351-A56F-BCF77F76B469"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-1.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34F00641-B342-4AB8-AA54-2EB9998622EF"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDA73C3F-8582-44D3-B316-C57E47B5B7D7"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5D9E571-7347-4CAC-88E9-2977EAAC83B3"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.0:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB0E48F1-0C6C-4F6A-A044-E8688D6B250D"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31539DC9-8915-4BDE-A0BB-EF18D64D4B75"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.0:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "635C2B26-9B69-4B9E-A9C6-BD007403B921"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4264E740-50B8-4BBD-85E1-D036E02232CD"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB223E02-FE7C-45A8-A293-96C7D7EC52A0"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7127BE9C-E65C-46E4-AF52-D69A6E135494"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20B3CA84-E74C-4A4C-8BD3-E74F3C493888"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26C416F9-BA5A-4F76-9B2E-0A07BE051846"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "688351C1-2ED9-47BD-9D40-C4C969FDF529"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94933D54-D059-420E-A90A-578F647792B6"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1E13DA4-FFC1-4022-AD55-7D0246850D57"
          },
          {
            "criteria": "cpe:2.3:a:mearra:addthis:6.x-2.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C11AAB1D-02C6-4CAF-9BD8-62A6E54EA114"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
