CVE-2012-4469 in Simon Rycroft Hashcashinformation

Résumé (Anglaise)

Cross-site scripting (XSS) vulnerability in the Hashcash module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.2 for Drupal, when "Log failed hashcash" is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid token, which is not properly handled when administrators use the Database logging module.

Réserver

21/08/2012

Divulgation

30/11/2012

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
63092	Simon Rycroft Hashcash cross site scripting	79	Non défini	Correctif officiel	CVE-2012-4469

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Interested in the pricing of exploits?

See the underground prices here!