Lucene search
MitreCVE-2010-1362HistoryApr 13, 2010 - 6:30 p.m.
CVE-2010-1362
2010-04-1318:30:00
CWE-79
mitre
web.nvd.nist.gov
26
cve
2010
1362
cross-site scripting
xss
vulnerability
own term module
drupal
authenticated users
web script
html
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
41.7%
Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with “create additional terms” privileges, to inject arbitrary web script or HTML via the term description field in a term listing page.
Affected configurations
Node
ben_jeavonsowntermMatch6.x-1.0
drupaldrupal
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ben_jeavons | ownterm | 6.x-1.0 | cpe:2.3:a:ben_jeavons:ownterm:6.x-1.0:*:*:*:*:*:*:* |
| drupal | drupal | * | cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2010-04-13 18:30:00
cvelist
cvelist
CVE-2010-1362
2010-04-13 18:00:00
nvd
nvd
CVE-2010-1362
2010-04-13 18:30:00
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
41.7%
Related for CVE-2010-1362