CVE-2012-1654
Published Sep 18, 2012
Last updated 12 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3 for Drupal allow remote authenticated users with the administer data tables permission to inject arbitrary web script or HTML via the title parameter in (1) data.views.inc and (2) data_ui/data_ui.admin.inc.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB728639-2074-4D1B-B2F8-340CC11D9A0F"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5DDA6641-8C03-441F-9FBD-FE94631D5B76"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha11:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9CB631D-DA3B-42ED-97A7-4CFF0314EC1A"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha12:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54507125-93C3-46E7-9579-68C7F202C48B"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57FD52AA-026E-498F-A8ED-8E3992089EED"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha14:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00E5B498-BBBF-4696-AE8F-9DCC3B445ED2"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7E7DD44-0469-4EE8-937D-0A567FABB195"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61F28522-D5D0-44F7-B946-8A8F59286FE0"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B51D3A98-B9CC-460B-AF52-17177753B9D1"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2961C9CB-0DEE-4564-8BBB-EEEAC33462E3"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05C2A3F7-D562-4804-968C-D2F3880CF1B9"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C437C5F7-06C1-4205-81E0-086AB4AF02B3"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A865BF6-88A2-45BF-8241-3CA4F5490B7B"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.0:alpha9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03BDEBCD-9BC0-47DD-AF9F-1A05226057CB"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:6.x-1.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8EC3708D-5380-4089-A575-652938360E71"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:7.x-1.0:alpha1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A777509-4DA9-47E3-BC1A-DD30FA2809D3"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:7.x-1.0:alpha2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "640F87B6-57F9-4554-B043-798F9035E951"
},
{
"criteria": "cpe:2.3:a:alex_barth:data:7.x-1.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F48C3ABD-943B-4463-852D-833327A465F4"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]