Lucene search

K

RedhatCVELIST:CVE-2012-2717

HistoryJun 27, 2012 - 9:00 p.m.

CVE-2012-2717

2012-06-2721:00:00

redhat

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.7%

Multiple cross-site scripting (XSS) vulnerabilities in the Mobile Tools module 6.x-2.x before 6.x-2.3 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) Mobile URL field or (2) Desktop URL field to the General configuration page, or the (3) message to the Mobile Tools block message options.

References

drupal.org/node/1169008

drupal.org/node/1608828

drupalcode.org/project/mobile_tools.git/commitdiff/614b0fc

osvdb.org/82410

secunia.com/advisories/49318

www.madirish.net/content/drupal-mobile-tools-6x-23-xss

www.openwall.com/lists/oss-security/2012/06/14/3

www.securityfocus.com/bid/53734

exchange.xforce.ibmcloud.com/vulnerabilities/76002

5.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.7%

Related for CVELIST:CVE-2012-2717

prion1 nvd1 cve1 drupal1