CVE-2010-2125

{"id": "CVE-2010-2125", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-06-01T21:30:01.180", "references": [{"url": "http://drupal.org/node/803930", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/39883", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/64770", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58719", "source": "cve@mitre.org"}, {"url": "http://drupal.org/node/803930", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/39883", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/64770", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58719", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 and 6.x before 6.x-2.5 for Drupal allow remote authenticated users, with \"create rotor item\" or \"edit any rotor item\" privileges, to inject arbitrary web script or HTML via the (1) srs, (2) title, or (3) alt image attribute."}, {"lang": "es", "value": "Multiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el m\u00f3dulo Rotor Banner v5.x anterior a v5.x-1.8 y v6.x anterior a v6.x-2.5 para Drupal permite a usuarios autenticados remotamente, con privilegios \"create rotor item\" o \"edit any rotor item\", inyectar c\u00f3digo web o HTML de su elecci\u00f3n a trav\u00e9s de los siguientes atributos de imagen (1) src, (2) title, or (3) alt"}], "lastModified": "2024-11-21T01:15:57.867", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EADF2B78-6A02-4EA3-B5E7-AA182546F009"}, {"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C874949B-43C7-46F0-B7A9-1D3EDC56F012"}, {"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7678F7F5-D74C-4804-BBDE-56ACA77E10B7"}, {"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "214AD43A-02C0-424A-BFF2-096ADE9E32F9"}, {"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "602AB23E-D16B-45BB-8920-8EA9E7D4DEFB"}, {"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1858FB2C-223A-4C56-972A-D3559FEC75C6"}, {"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30D81598-F88B-4043-B078-8AC4F4CCBB26"}, {"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F2F481F-120D-4780-A083-E766F494F00F"}, {"criteria": "cpe:2.3:a:systemseed:rotor:5.x-1.x:dev:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C33D089-161D-446E-A18D-1AC68BE4C387"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5F4E431-154C-4358-B65B-E1459EFE3EB1"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E3BC0FE-E761-4A44-8A20-C30F37193B27"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56B183B5-C8BA-4F87-ADC1-AFDD1BC0176C"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4FD8F83-4198-42CB-B6C0-F8118D1D547E"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7882AF9A-8A74-4251-8954-B7D2B12C404F"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-1.x:dev:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9ABB6B6-24F1-49CC-9469-5D104AF9C971"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E832669-AB36-4E3F-8F95-CE8C4CB5A469"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7495CC3F-0526-4F71-97C5-44394C74790C"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ECF4F74-8620-498C-ACCD-03BA4833EC02"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:beta3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CA03D95-7129-4A95-85E7-6D6C2AB5E176"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "128E92D7-9F48-4E8E-BE15-8C4AD4DDEEA6"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "424F3C64-EBDD-4EAE-9D66-E3A09398FA76"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "786350B3-1DAB-4948-B826-FBC22D6BD446"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D97CE4CD-DE56-4B42-B7F6-388BBB469120"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18AE661A-CF5E-41EC-9994-CCD4FE04A184"}, {"criteria": "cpe:2.3:a:systemseed:rotor:6.x-2.x:dev:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FA0611C-A660-4736-9F99-716F044DD909"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}