Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2012-1646

Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x before 6.x-1.13 and 7.x-1.x-rc1 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via the (1) title parameter in faq.admin.inc or (2) detailed_question parameter in faq.module.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.4%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2012-1646
  • Drupal » Faq » Version: 6.x-1.0
    cpe:2.3:a:drupal:faq:6.x-1.0
  • Drupal » Faq » Version: 6.x-1.1
    cpe:2.3:a:drupal:faq:6.x-1.1
  • Drupal » Faq » Version: 6.x-1.10
    cpe:2.3:a:drupal:faq:6.x-1.10
  • Drupal » Faq » Version: 6.x-1.11
    cpe:2.3:a:drupal:faq:6.x-1.11
  • Drupal » Faq » Version: 6.x-1.12
    cpe:2.3:a:drupal:faq:6.x-1.12
  • Drupal » Faq » Version: 6.x-1.2
    cpe:2.3:a:drupal:faq:6.x-1.2
  • Drupal » Faq » Version: 6.x-1.3
    cpe:2.3:a:drupal:faq:6.x-1.3
  • Drupal » Faq » Version: 6.x-1.4
    cpe:2.3:a:drupal:faq:6.x-1.4
  • Drupal » Faq » Version: 6.x-1.5
    cpe:2.3:a:drupal:faq:6.x-1.5
  • Drupal » Faq » Version: 6.x-1.6
    cpe:2.3:a:drupal:faq:6.x-1.6
  • Drupal » Faq » Version: 6.x-1.7
    cpe:2.3:a:drupal:faq:6.x-1.7
  • Drupal » Faq » Version: 6.x-1.8
    cpe:2.3:a:drupal:faq:6.x-1.8
  • Drupal » Faq » Version: 6.x-1.9
    cpe:2.3:a:drupal:faq:6.x-1.9
  • Drupal » Faq » Version: 6.x-1.x
    cpe:2.3:a:drupal:faq:6.x-1.x
  • Drupal » Faq » Version: 7x-1.x-rc1
    cpe:2.3:a:drupal:faq:7x-1.x-rc1


Products
Pricing
Contact Us

Shodan ® - All rights reserved