CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2300

Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal allow remote authenticated users with the administer product classes permission to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.5%

CVSS Severity

CVSS v2 Score 2.1

References

Products affected by CVE-2012-2300

Drupal » Drupal » Version: N/A

cpe:2.3:a:drupal:drupal:-
Ubercart » Ubercart » Version: 6.x-2.0

cpe:2.3:a:ubercart:ubercart:6.x-2.0
Ubercart » Ubercart » Version: 6.x-2.1

cpe:2.3:a:ubercart:ubercart:6.x-2.1
Ubercart » Ubercart » Version: 6.x-2.2

cpe:2.3:a:ubercart:ubercart:6.x-2.2
Ubercart » Ubercart » Version: 6.x-2.3

cpe:2.3:a:ubercart:ubercart:6.x-2.3
Ubercart » Ubercart » Version: 6.x-2.4

cpe:2.3:a:ubercart:ubercart:6.x-2.4
Ubercart » Ubercart » Version: 6.x-2.6

cpe:2.3:a:ubercart:ubercart:6.x-2.6
Ubercart » Ubercart » Version: 6.x-2.7

cpe:2.3:a:ubercart:ubercart:6.x-2.7
Ubercart » Ubercart » Version: 7.x-3.0

cpe:2.3:a:ubercart:ubercart:7.x-3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2300

Products

Pricing

Contact Us