Lucene search

[email protected]CVE-2010-2000

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-2000

2022-10-0316:21:07

CWE-79

[email protected]

web.nvd.nist.gov

cve-2010-2000

xss

vulnerability

bibliography module

drupal

2.1 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.6%

JSON

Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with “administer biblio” privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-1358.

Affected configurations

NVD

Node

ron_jeromebibliographyMatch5.x-1.0

ron_jeromebibliographyMatch5.x-1.1

ron_jeromebibliographyMatch5.x-1.10

ron_jeromebibliographyMatch5.x-1.11

ron_jeromebibliographyMatch5.x-1.12

ron_jeromebibliographyMatch5.x-1.13

ron_jeromebibliographyMatch5.x-1.14

ron_jeromebibliographyMatch5.x-1.15

ron_jeromebibliographyMatch5.x-1.16

ron_jeromebibliographyMatch5.x-1.17

AND

drupaldrupal

Node

ron_jeromebibliographyMatch6.x-1.0

ron_jeromebibliographyMatch6.x-1.0rc1

ron_jeromebibliographyMatch6.x-1.0rc2

ron_jeromebibliographyMatch6.x-1.0rc3

ron_jeromebibliographyMatch6.x-1.0rc4

ron_jeromebibliographyMatch6.x-1.0rc5

ron_jeromebibliographyMatch6.x-1.0-beta1

ron_jeromebibliographyMatch6.x-1.0-beta2

ron_jeromebibliographyMatch6.x-1.0-beta3

ron_jeromebibliographyMatch6.x-1.0-beta4

ron_jeromebibliographyMatch6.x-1.0-beta5

ron_jeromebibliographyMatch6.x-1.0-beta6

ron_jeromebibliographyMatch6.x-1.0-beta7

ron_jeromebibliographyMatch6.x-1.0-beta8

ron_jeromebibliographyMatch6.x-1.0-beta9

ron_jeromebibliographyMatch6.x-1.1

ron_jeromebibliographyMatch6.x-1.2

ron_jeromebibliographyMatch6.x-1.3

ron_jeromebibliographyMatch6.x-1.4

ron_jeromebibliographyMatch6.x-1.5

ron_jeromebibliographyMatch6.x-1.6

ron_jeromebibliographyMatch6.x-1.x-dev

AND

drupaldrupal

CPENameOperatorVersion
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.0
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.1
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.10
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.11
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.12
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.13
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.14
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.15
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.16
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.17

CPE	Name	Operator	Version
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.0
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.1
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.10
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.11
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.12
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.13
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.14
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.15
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.16
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.17

References

drupal.org/node/796498

drupal.org/node/796502

drupal.org/node/797192

secunia.com/advisories/39810

www.securityfocus.com/bid/40127

2.1 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.6%

JSON

Related for CVE-2010-2000

cvelist2 prion2 nvd2 cve1