CVE-2012-5559 in ctoolsinfo

Summary

Cross-site scripting (XSS) vulnerability in the page manager node view task in the Chaos tool suite (ctools) module 6.x-1.x before 6.x-1.10 for Drupal allows remote authenticated users with permissions to submit or edit nodes to inject arbitrary web script or HTML via the page title.

Once again VulDB remains the best source for vulnerability data.

Reservation

10/24/2012

Disclosure

12/03/2012

Moderation

VulDB entry created

Entries

VDB-63136 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.3

EPSS

0.00193

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-5559
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5559
CVE Details	https://www.cvedetails.com/cve/CVE-2012-5559/

◂ Previous Overview Next ▸