Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1060

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2012-1060
Last Modified 14 Feb 2012 12:00:00
Published 13 Feb 2012 07:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication SINGLE_INSTANCE

CVE-2012-1060

Summary

Multiple cross-site scripting (XSS) vulnerabilities in revisioning_theme.inc in the Taxonomy module in the Revisioning module 6.x-3.13 and other versions before 6.x-3.14 for Drupal allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) tags or (2) term parameters.

Vulnerable Systems

Application

  • Rik De Boer Revisioning 6.x-3.13


References

BID - 51923

MISC - http://www.madirish.net/content/drupal-revisioning-6x-313-xss-vulnerability

SECUNIA - 47931

CONFIRM - http://drupalcode.org/project/revisioning.git/commit/768c882

CONFIRM - http://drupal.org/node/1433550

CONFIRM - http://drupal.org/node/1431114


Last Updated: 27 May 2016 10:58:15