CVE-2012-6582

{"id": "CVE-2012-6582", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-08-20T18:14:02.113", "references": [{"url": "http://osvdb.org/85680", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/50670", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/55613", "source": "cve@mitre.org"}, {"url": "https://drupal.org/node/1789084", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://drupal.org/node/1789086", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://drupal.org/node/1789242", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78701", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Spambot module 6.x-3.x before 6.x-3.2 and 7.x-1.x before 7.x-1.1 for Drupal allows certain remote attackers to inject arbitrary web script or HTML via a stopforumspam.com API response, which is logged by the watchdog."}, {"lang": "es", "value": "Vulnerabilidad XSS en el m\u00f3dulo Spambot 6.x-3.x anterior a 6.x-3.2 y 7.x-1.x anterior a 7.x-1.1 para Drupal, permite a determinados atacantes inyectar secuencias de comandos web o HTML arbitrarias a trav\u00e9s de respuestas de la API stopforumspam.com cuando se ha logado por el \"watchdog\"."}], "lastModified": "2017-08-29T01:32:58.573", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:spambot_module_project:spambot:6.x-3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CA223B5-6B4D-4B58-BEC1-93B503246A8A"}, {"criteria": "cpe:2.3:a:spambot_module_project:spambot:6.x-3.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EC866C6-FD30-49C1-A4B3-7CB9547BE067"}, {"criteria": "cpe:2.3:a:spambot_module_project:spambot:6.x-3.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A106FD7-DFFA-4E4F-9053-E18A33BF0B0B"}, {"criteria": "cpe:2.3:a:spambot_module_project:spambot:6.x-3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D208FBF9-AD5E-4DC2-AA8A-6F70D8C01A34"}, {"criteria": "cpe:2.3:a:spambot_module_project:spambot:6.x-3.x:dev:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13A55CA3-523B-41E2-A3C6-727215F8FAE8"}, {"criteria": "cpe:2.3:a:spambot_module_project:spambot:7.x-1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA5867F6-55DB-45CA-A915-5B646EAB05AD"}, {"criteria": "cpe:2.3:a:spambot_module_project:spambot:7.x-1.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CC32C19-3C98-45A2-A36D-7744BD2B6CD0"}, {"criteria": "cpe:2.3:a:spambot_module_project:spambot:7.x-1.x:dev:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "839B0737-905F-4946-BCEE-129C5BB725AC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8B1170D-AD33-4C7A-892D-63AC71B032CF"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}