Lucene search

PRIOn knowledge basePRION:CVE-2012-2339

HistoryMay 21, 2012 - 8:55 p.m.

Cross site scripting

2012-05-2120:55:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.2%

JSON

Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to “taxonomy information.”

CPENameOperatorVersion
glossaryeq6.x-1.0 beta2
glossaryeq6.x-1.0 beta5
glossaryeq6.x-1.0 dev
glossaryeq6.x-1.0 beta4
glossaryeq6.120.10
glossaryeq6.x-1.0 beta3
glossaryeq6.x-1.0 beta1
glossaryeq6.120.11
glossaryeq6.120.12
glossaryeq6.120.13

Name	Operator	Version
glossary	eq	6.x-1.0 beta2
glossary	eq	6.x-1.0 beta5
glossary	eq	6.x-1.0 dev
glossary	eq	6.x-1.0 beta4
glossary	eq	6.120.10
glossary	eq	6.x-1.0 beta3
glossary	eq	6.x-1.0 beta1
glossary	eq	6.120.11
glossary	eq	6.120.12
glossary	eq	6.120.13

Rows per page:

1-10 of 131

References

drupalcode.org/project/glossary.git/commitdiff/c6cc3ac

secunia.com/advisories/49074

www.openwall.com/lists/oss-security/2012/05/10/6

www.openwall.com/lists/oss-security/2012/05/11/2

www.openwall.com/lists/oss-security/2012/06/14/3

www.openwall.com/lists/oss-security/2012/06/15/6

www.securityfocus.com/bid/53440

drupal.org/node/1568156

drupal.org/node/1569482

exchange.xforce.ibmcloud.com/vulnerabilities/75503