CVEDB API

Vulnerabilities

Vulnerable Software

Rob Loach: >> Sharethis >> 7.x-2.0 Security Vulnerabilities

CVE-2012-5545

Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis module 7.x-2.x before 7.x-2.5 for Drupal allow remote authenticated users with the "administer sharethis" permission to inject arbitrary web script or HTML via unspecified vectors related to "JavaScript settings."

CVSS Score

2.1

EPSS Score

0.002

Published

2012-12-03

CVE-2012-2076

Cross-site scripting (XSS) vulnerability in the administration forms in the ShareThis module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with administer sharethis permissions to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

2.1

EPSS Score

0.003

Published

2012-08-14

CVE-2012-2077

Cross-site request forgery (CSRF) vulnerability in the ShareThis module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of users with administer sharethis permissions via unknown vectors "outside of the Form API."

CVSS Score

5.1

EPSS Score

0.002

Published

2012-08-14

Page 1

Vulnerabilities

Vulnerable Software

Rob Loach: >> Sharethis >> 7.x-2.0 Security Vulnerabilities

Products

Pricing

Contact Us