Lucene search

[email protected]NVD:CVE-2012-1652

HistorySep 19, 2012 - 7:55 p.m.

CVE-2012-1652

2012-09-1919:55:04

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

45.2%

JSON

Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via unspecified vectors related to “the vocabulary’s help text.”

Affected configurations

Nvd

Node

wim_leershierarchical_selectMatch6.x-3.0

wim_leershierarchical_selectMatch6.x-3.1

wim_leershierarchical_selectMatch6.x-3.2

wim_leershierarchical_selectMatch6.x-3.3

wim_leershierarchical_selectMatch6.x-3.4

wim_leershierarchical_selectMatch6.x-3.5

wim_leershierarchical_selectMatch6.x-3.6

wim_leershierarchical_selectMatch6.x-3.7

wim_leershierarchical_selectMatch6.x-3.xdev

AND

drupaldrupalMatch-

wimleershierarchical_selectMatch6.x-3.0

wimleershierarchical_selectMatch6.x-3.1

wimleershierarchical_selectMatch6.x-3.xdev

VendorProductVersionCPE
wim_leershierarchical_select6.x-3.0cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.0:*:*:*:*:*:*:*
wim_leershierarchical_select6.x-3.1cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.1:*:*:*:*:*:*:*
wim_leershierarchical_select6.x-3.2cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.2:*:*:*:*:*:*:*
wim_leershierarchical_select6.x-3.3cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.3:*:*:*:*:*:*:*
wim_leershierarchical_select6.x-3.4cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.4:*:*:*:*:*:*:*
wim_leershierarchical_select6.x-3.5cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.5:*:*:*:*:*:*:*
wim_leershierarchical_select6.x-3.6cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.6:*:*:*:*:*:*:*
wim_leershierarchical_select6.x-3.7cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.7:*:*:*:*:*:*:*
wim_leershierarchical_select6.x-3.xcpe:2.3:a:wim_leers:hierarchical_select:6.x-3.x:dev:*:*:*:*:*:*
drupaldrupal-cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wim_leers	hierarchical_select	6.x-3.0	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.0:::::::*
wim_leers	hierarchical_select	6.x-3.1	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.1:::::::*
wim_leers	hierarchical_select	6.x-3.2	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.2:::::::*
wim_leers	hierarchical_select	6.x-3.3	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.3:::::::*
wim_leers	hierarchical_select	6.x-3.4	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.4:::::::*
wim_leers	hierarchical_select	6.x-3.5	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.5:::::::*
wim_leers	hierarchical_select	6.x-3.6	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.6:::::::*
wim_leers	hierarchical_select	6.x-3.7	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.7:::::::*
wim_leers	hierarchical_select	6.x-3.x	cpe:2.3:a:wim_leers:hierarchical_select:6.x-3.x:dev::::::
drupal	drupal	-	cpe:2.3:a:drupal:drupal:-:::::::*

Rows per page:

1-10 of 131

References

drupal.org/node/1461318

drupal.org/node/1461724

drupalcode.org/project/hierarchical_select.git/commit/be32dceb17d25553e474c295a8c3db69eab95cee

osvdb.org/79683

secunia.com/advisories/48235

www.openwall.com/lists/oss-security/2012/04/07/1

www.securityfocus.com/bid/52228

exchange.xforce.ibmcloud.com/vulnerabilities/73611

CVSS2

2.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

45.2%

JSON

Related for NVD:CVE-2012-1652

drupal1 prion1 cve1 cvelist1