Lucene search

RedhatCVE-2010-4520

HistoryDec 23, 2010 - 6:00 p.m.

CVE-2010-4520

2010-12-2318:00:03

CWE-79

redhat

web.nvd.nist.gov

views module

cross-site scripting

xss

drupal

vulnerability

cve-2010-4520

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Views module 6.x before 6.x-2.11 for Drupal allow remote attackers to inject arbitrary web script or HTML via (1) a URL or (2) an aggregator feed title.

Affected configurations

Nvd

Node

earl_milesviewsMatch6.x-2.0

earl_milesviewsMatch6.x-2.0alpha1

earl_milesviewsMatch6.x-2.0alpha2

earl_milesviewsMatch6.x-2.0alpha3

earl_milesviewsMatch6.x-2.0alpha4

earl_milesviewsMatch6.x-2.0alpha5

earl_milesviewsMatch6.x-2.0beta1

earl_milesviewsMatch6.x-2.0beta2

earl_milesviewsMatch6.x-2.0beta3

earl_milesviewsMatch6.x-2.0beta4

earl_milesviewsMatch6.x-2.0rc1

earl_milesviewsMatch6.x-2.0rc2

earl_milesviewsMatch6.x-2.0rc3

earl_milesviewsMatch6.x-2.0rc4

earl_milesviewsMatch6.x-2.0rc5

earl_milesviewsMatch6.x-2.1

earl_milesviewsMatch6.x-2.2

earl_milesviewsMatch6.x-2.3

earl_milesviewsMatch6.x-2.4

earl_milesviewsMatch6.x-2.5

earl_milesviewsMatch6.x-2.6

earl_milesviewsMatch6.x-2.7

earl_milesviewsMatch6.x-2.8

earl_milesviewsMatch6.x-2.9

earl_milesviewsMatch6.x-2.10

earl_milesviewsMatch6.x-2.xdev

earl_milesviewsMatch6.x-3.0alpha1

earl_milesviewsMatch6.x-3.0alpha2

earl_milesviewsMatch6.x-3.0alpha3

earl_milesviewsMatch6.x-3.xdev

AND

drupaldrupal

VendorProductVersionCPE
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:*:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:alpha1:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:alpha2:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:alpha3:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:alpha4:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:alpha5:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:beta1:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:beta2:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:beta3:*:*:*:*:*:*
earl_milesviews6.x-2.0cpe:2.3:a:earl_miles:views:6.x-2.0:beta4:*:*:*:*:*:*

Vendor	Product	Version	CPE
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:::::::*
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:alpha1::::::
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:alpha2::::::
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:alpha3::::::
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:alpha4::::::
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:alpha5::::::
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:beta1::::::
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:beta2::::::
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:beta3::::::
earl_miles	views	6.x-2.0	cpe:2.3:a:earl_miles:views:6.x-2.0:beta4::::::

Rows per page:

1-10 of 311

References

drupal.org/node/829840

www.openwall.com/lists/oss-security/2010/12/16/7

www.openwall.com/lists/oss-security/2010/12/22/1

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Related for CVE-2010-4520