CVE-2012-1634

Published Oct 6, 2012

Last updated 7 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in video_filter.codecs.inc in the Video Filter module 6.x-2.x and 7.x-2.x for Drupal allows remote attackers to inject arbitrary web script or HTML via the EMBEDLOOKUP parameter for Blip.tv links.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AF01ECB-F42B-43A5-AD7F-4BC73416529C"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABB66DBA-07A9-4675-A226-86B3D5ED060C"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "356CCE36-CB8C-41AE-9D95-F5B2AE5F2425"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3019DFA6-D4DA-4178-9FF9-3FD02F0C45B9"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "524FC478-B4AC-4375-AB20-6D28869FADEF"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFECFD9B-9F0F-4C99-ACC9-D53588D9B7E4"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "522EB7FB-575F-44C0-92D6-B5BE35286683"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AC67FAE-A223-400C-A3D8-D84560E3B55E"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "776A2534-6FD0-4464-B8C7-51E197A57136"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.8:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "814E196C-045F-48FC-8F50-B70EE937534A"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:6.x-2.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5F5B94A-76DD-4C01-836A-9F6D9B244127"
          },
          {
            "criteria": "cpe:2.3:a:hans_nilsson:video_filter:7.x-2.x:dev:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "862DC34C-72EF-4EE3-A266-B85AB8FDBAFD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References