CVE-2012-2068 in Fancy Slideinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module before 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permission to inject arbitrary web script or HTML via the (1) node_title or (2) nodequeue_title parameter.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

04/04/2012

Disclosure

09/04/2012

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

3.5

EPSS

0.00343

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2068
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2068
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2068/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!