Lucene search

K
cveRedhatCVE-2012-2298
HistoryAug 14, 2012 - 10:55 p.m.

CVE-2012-2298

2012-08-1422:55:02
CWE-79
redhat
web.nvd.nist.gov
27
cve
2012
2298
realname module
drupal
xss
vulnerabilities
web script
html
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.1%

Multiple cross-site scripting (XSS) vulnerabilities in the RealName module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) “user names in page titles” and (2) “autocomplete callbacks.”

Affected configurations

Nvd
Node
drupalrealnameMatch6.x-1.2
OR
nancy_wichmannrealnameMatch6.x-1.0
OR
nancy_wichmannrealnameMatch6.x-1.0alpha1
OR
nancy_wichmannrealnameMatch6.x-1.0beta
OR
nancy_wichmannrealnameMatch6.x-1.1
OR
nancy_wichmannrealnameMatch6.x-1.1rc1
OR
nancy_wichmannrealnameMatch6.x-1.1rc2
OR
nancy_wichmannrealnameMatch6.x-1.1rc3
OR
nancy_wichmannrealnameMatch6.x-1.2
OR
nancy_wichmannrealnameMatch6.x-1.3
OR
nancy_wichmannrealnameMatch6.x-1.4
OR
nancy_wichmannrealnameMatch6.x-1.xdev
AND
drupaldrupalMatch-
VendorProductVersionCPE
drupalrealname6.x-1.2cpe:2.3:a:drupal:realname:6.x-1.2:*:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.0cpe:2.3:a:nancy_wichmann:realname:6.x-1.0:*:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.0cpe:2.3:a:nancy_wichmann:realname:6.x-1.0:alpha1:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.0cpe:2.3:a:nancy_wichmann:realname:6.x-1.0:beta:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.1cpe:2.3:a:nancy_wichmann:realname:6.x-1.1:*:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.1cpe:2.3:a:nancy_wichmann:realname:6.x-1.1:rc1:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.1cpe:2.3:a:nancy_wichmann:realname:6.x-1.1:rc2:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.1cpe:2.3:a:nancy_wichmann:realname:6.x-1.1:rc3:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.2cpe:2.3:a:nancy_wichmann:realname:6.x-1.2:*:*:*:*:*:*:*
nancy_wichmannrealname6.x-1.3cpe:2.3:a:nancy_wichmann:realname:6.x-1.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 131

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.1%

Related for CVE-2012-2298