CVE-2012-4484
Published Oct 31, 2012
Last updated 6 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the administrative interface in the Campaign Monitor module before 6.x-2.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this refers to an issue in an independently developed Drupal module, and NOT an issue in the Campaign Monitor software itself (described on the campaignmonitor.com web site).
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trexart:campaignmonitor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6498CC2-9F94-42F4-9BDE-188CC8318A81",
"versionEndIncluding": "6.x-2.4"
},
{
"criteria": "cpe:2.3:a:trexart:campaignmonitor:6.x-1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA10FAD0-2CDA-48E6-B222-55B02B904C8A"
},
{
"criteria": "cpe:2.3:a:trexart:campaignmonitor:6.x-1.x-dev:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "543B9966-6ED7-40D6-A647-8D16D6CF2B16"
},
{
"criteria": "cpe:2.3:a:trexart:campaignmonitor:6.x-2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "541D2D18-44EE-408F-9162-4A2CA559DBBF"
},
{
"criteria": "cpe:2.3:a:trexart:campaignmonitor:6.x-2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2985965C-71FC-4C58-B903-08A76A9BE56A"
},
{
"criteria": "cpe:2.3:a:trexart:campaignmonitor:6.x-2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BF3236A-5DF8-4300-B885-BE7D8C99830E"
},
{
"criteria": "cpe:2.3:a:trexart:campaignmonitor:6.x-2.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DC0A6FC-81CB-4A98-BFC2-DE18FCDAF676"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]