CVE-2010-2125
Published Jun 1, 2010
Last updated 7 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 and 6.x before 6.x-2.5 for Drupal allow remote authenticated users, with "create rotor item" or "edit any rotor item" privileges, to inject arbitrary web script or HTML via the (1) srs, (2) title, or (3) alt image attribute.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EADF2B78-6A02-4EA3-B5E7-AA182546F009"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C874949B-43C7-46F0-B7A9-1D3EDC56F012"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7678F7F5-D74C-4804-BBDE-56ACA77E10B7"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "214AD43A-02C0-424A-BFF2-096ADE9E32F9"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "602AB23E-D16B-45BB-8920-8EA9E7D4DEFB"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1858FB2C-223A-4C56-972A-D3559FEC75C6"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30D81598-F88B-4043-B078-8AC4F4CCBB26"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F2F481F-120D-4780-A083-E766F494F00F"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C33D089-161D-446E-A18D-1AC68BE4C387"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5F4E431-154C-4358-B65B-E1459EFE3EB1"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E3BC0FE-E761-4A44-8A20-C30F37193B27"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56B183B5-C8BA-4F87-ADC1-AFDD1BC0176C"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4FD8F83-4198-42CB-B6C0-F8118D1D547E"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7882AF9A-8A74-4251-8954-B7D2B12C404F"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9ABB6B6-24F1-49CC-9469-5D104AF9C971"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E832669-AB36-4E3F-8F95-CE8C4CB5A469"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:beta1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7495CC3F-0526-4F71-97C5-44394C74790C"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:beta2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2ECF4F74-8620-498C-ACCD-03BA4833EC02"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:beta3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CA03D95-7129-4A95-85E7-6D6C2AB5E176"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "128E92D7-9F48-4E8E-BE15-8C4AD4DDEEA6"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "424F3C64-EBDD-4EAE-9D66-E3A09398FA76"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "786350B3-1DAB-4948-B826-FBC22D6BD446"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D97CE4CD-DE56-4B42-B7F6-388BBB469120"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18AE661A-CF5E-41EC-9994-CCD4FE04A184"
},
{
"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FA0611C-A660-4736-9F99-716F044DD909"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]