NVD

Id
43505  
Name
CVE-2012-1632  
Description
Cross-site scripting (XSS) vulnerability in password_policy.admin.inc in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote authenticated users with administer policies permissions to inject arbitrary web script or HTML via the name parameter.  
Reject
 
CVSS Version
2  
CVSS Score
2.1  
Severity
Low  
CVSS Base Score
2.1  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:N/AC:H/Au:S/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2012-09-19  
Modified Date
2012-09-20  
Seq
2012-1632  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
218654 43505 CVE-2012-1632 http://drupal.org/node/1401678  View
218655 43505 CVE-2012-1632 http://drupalcode.org/project/password_policy.git/commit/3c688c3b4a3ed96fdc4b89883595633338c7ebb6  View
218656 43505 CVE-2012-1632 [oss-security] 20120406 CVE"s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)  View
218657 43505 CVE-2012-1632 51385  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
28790 JVNDB-2012-004497 Drupal 用 Password Policy モジュールにおけるクロスサイトスクリプティングの脆弱性 Drupal 用 Password Policy モジュールの password_policy.admin.inc には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-1632 54870 CVE-2012-1632 43505 2.1 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004497.html 2012-01-11 2012-09-21 View