Lucene search

PRIOn knowledge basePRION:CVE-2012-2076

HistoryAug 14, 2012 - 11:55 p.m.

Cross site scripting

2012-08-1423:55:00

PRIOn knowledge base

www.prio-n.com

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.4%

JSON

Cross-site scripting (XSS) vulnerability in the administration forms in the ShareThis module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with administer sharethis permissions to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
sharethiseq7.120.20
sharethiseq7.x-2.0 dev
sharethiseq7.120.21
sharethiseq7.120.22

Name	Operator	Version
sharethis	eq	7.120.20
sharethis	eq	7.x-2.0 dev
sharethis	eq	7.120.21
sharethis	eq	7.120.22

References

drupalcode.org/project/sharethis.git/commit/11f247a

osvdb.org/80670

secunia.com/advisories/48598

www.openwall.com/lists/oss-security/2012/04/07/1

www.securityfocus.com/bid/52778

drupal.org/node/1504746

drupal.org/node/1506448

exchange.xforce.ibmcloud.com/vulnerabilities/74516