CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
44.4%
Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with “administer biblio” privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-1358.
Vendor | Product | Version | CPE |
---|---|---|---|
ron_jerome | bibliography | 5.x-1.0 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.0:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.1 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.1:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.10 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.10:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.11 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.11:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.12 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.12:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.13 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.13:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.14 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.14:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.15 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.15:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.16 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.16:*:*:*:*:*:*:* |
ron_jerome | bibliography | 5.x-1.17 | cpe:2.3:a:ron_jerome:bibliography:5.x-1.17:*:*:*:*:*:*:* |