Lucene search
HistoryAug 31, 2012 - 10:55 p.m.
CVE-2012-2117
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.003
Percentile
65.9%
Cross-site scripting (XSS) vulnerability in the Gigya - Social optimization module 6.x before 6.x-3.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
yaniv_aran-shamirgigyaMatch.x-3.0beta1
ORyaniv_aran-shamirgigyaMatch6.x-3.0
ORyaniv_aran-shamirgigyaMatch6.x-3.0beta2
ORyaniv_aran-shamirgigyaMatch6.x-3.0beta3
ORyaniv_aran-shamirgigyaMatch6.x-3.1
ORyaniv_aran-shamirgigyaMatch6.x-3.xdev
drupaldrupalMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| yaniv_aran-shamir | gigya | .x-3.0 | cpe:2.3:a:yaniv_aran-shamir:gigya:.x-3.0:beta1:*:*:*:*:*:* |
| yaniv_aran-shamir | gigya | 6.x-3.0 | cpe:2.3:a:yaniv_aran-shamir:gigya:6.x-3.0:*:*:*:*:*:*:* |
| yaniv_aran-shamir | gigya | 6.x-3.0 | cpe:2.3:a:yaniv_aran-shamir:gigya:6.x-3.0:beta2:*:*:*:*:*:* |
| yaniv_aran-shamir | gigya | 6.x-3.0 | cpe:2.3:a:yaniv_aran-shamir:gigya:6.x-3.0:beta3:*:*:*:*:*:* |
| yaniv_aran-shamir | gigya | 6.x-3.1 | cpe:2.3:a:yaniv_aran-shamir:gigya:6.x-3.1:*:*:*:*:*:*:* |
| yaniv_aran-shamir | gigya | 6.x-3.x | cpe:2.3:a:yaniv_aran-shamir:gigya:6.x-3.x:dev:*:*:*:*:*:* |
| drupal | drupal | - | cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:* |
Related
drupal
drupal
SA-CONTRIB-2012-061 - Gigya - Social optimization - Cross Site Scripting (XSS)
2012-04-18 00:00:00
cvelist
cvelist
CVE-2012-2117
2012-08-31 22:00:00
cve
cve
CVE-2012-2117
2012-08-31 22:55:01
prion
prion
Cross site scripting
2012-08-31 22:55:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.003
Percentile
65.9%
Related for NVD:CVE-2012-2117