CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-6573

Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.5%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2012-6573

Alejandro Garza » Apachesolr Autocomplete » Version: 6.x-1.0

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.0
Alejandro Garza » Apachesolr Autocomplete » Version: 6.x-1.1

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.1
Alejandro Garza » Apachesolr Autocomplete » Version: 6.x-1.2

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.2
Alejandro Garza » Apachesolr Autocomplete » Version: 6.x-1.3

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.3
Alejandro Garza » Apachesolr Autocomplete » Version: 6.x-1.x

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.x
Alejandro Garza » Apachesolr Autocomplete » Version: 7.x-1.0

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:7.x-1.0
Alejandro Garza » Apachesolr Autocomplete » Version: 7.x-1.1

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:7.x-1.1
Alejandro Garza » Apachesolr Autocomplete » Version: 7.x-1.2

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:7.x-1.2
Alejandro Garza » Apachesolr Autocomplete » Version: 7.x-1.x

cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:7.x-1.x
Drupal » Drupal » Version: N/A

cpe:2.3:a:drupal:drupal:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-6573

Products

Pricing

Contact Us