Lucene search
HistoryJun 27, 2012 - 12:55 a.m.
CVE-2012-2711
cve-2012-2711
cross-site scripting
xss
taxonomy list module
drupal
security vulnerabilities
nvd
2.1 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.9%
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy List module 6.x-1.x before 6.x-1.4 for Drupal allow remote authenticated users with create or edit taxonomy terms permissions to inject arbitrary web script or HTML via vectors related to taxonomy information.
Affected configurations
Node
nancy_wichmanntaxonomy_listMatch6.x-1.0
ORnancy_wichmanntaxonomy_listMatch6.x-1.0-beta1
ORnancy_wichmanntaxonomy_listMatch6.x-1.1
ORnancy_wichmanntaxonomy_listMatch6.x-1.2
ORnancy_wichmanntaxonomy_listMatch6.x-1.2dev
ORnancy_wichmanntaxonomy_listMatch6.x-1.3
ORnancy_wichmanntaxonomy_listMatch6.x-1.x-dev
drupaldrupalMatch-
Related
cvelist
cvelist
CVE-2012-2711
2012-06-27 00:00:00
nvd
nvd
CVE-2012-2711
2012-06-27 00:55:04
prion
prion
Cross site scripting
2012-06-27 00:55:00
drupal
drupal
SA-CONTRIB-2012-083 - Taxonomy List - Cross Site Scripting (XSS)
2012-05-23 00:00:00
2.1 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.9%
Related for CVE-2012-2711