Lucene search

[email protected]CVE-2012-2060

HistorySep 17, 2012 - 8:55 p.m.

CVE-2012-2060

2012-09-1720:55:02

CWE-79

[email protected]

web.nvd.nist.gov

drupal

admin tools

cve-2012-2060

xss

vulnerability

web script injection

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in the Admin tools module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

nijskens_rafadmintoolsMatch-

AND

drupaldrupalMatch-

CPENameOperatorVersion
nijskens_raf:admintoolsnijskens raf admintoolseq-

CPE	Name	Operator	Version
nijskens_raf:admintools	nijskens raf admintools	eq	-

References

drupal.org/node/1482126

www.openwall.com/lists/oss-security/2012/04/07/1

www.securityfocus.com/bid/52502

exchange.xforce.ibmcloud.com/vulnerabilities/74057

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.3%

JSON

Related for CVE-2012-2060

prion1 nvd1 cvelist1 drupal1