CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-1658

Cross-site scripting (XSS) vulnerability in the Read More Link module 6.x-3.x before 6.x-3.1 for Drupal allows remote authenticated users with the access administration pages permission to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.6%

CVSS Severity

CVSS v2 Score 2.1

References

http://drupal.org/node/1471080
http://drupal.org/node/1471822
http://secunia.com/advisories/48138
http://www.openwall.com/lists/oss-security/2012/04/07/1
http://www.osvdb.org/79856
http://www.securityfocus.com/bid/52340
https://exchange.xforce.ibmcloud.com/vulnerabilities/73777
http://drupal.org/node/1471080
http://drupal.org/node/1471822
http://secunia.com/advisories/48138
http://www.openwall.com/lists/oss-security/2012/04/07/1
http://www.osvdb.org/79856
http://www.securityfocus.com/bid/52340
https://exchange.xforce.ibmcloud.com/vulnerabilities/73777

Products affected by CVE-2012-1658

Drupal » Drupal » Version: N/A

cpe:2.3:a:drupal:drupal:-
Fourkitchens » Ed Readmore » Version: 6.x-3.0

cpe:2.3:a:fourkitchens:ed_readmore:6.x-3.0
Fourkitchens » Ed Readmore » Version: 6.x-3.x

cpe:2.3:a:fourkitchens:ed_readmore:6.x-3.x

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-1658

Products

Pricing

Contact Us