VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-1998

tablefield: Cross-site scripting (XSS) vulnerability in the CCK...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1998

Original

Cross-site scripting (XSS) vulnerability in the CCK TableField module 6.x before 6.x-1.2 for Drupal allows remote authenticated users, with certain node creation or editing privileges, to inject arbitrary web script or HTML via table headers.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-05-20

Source Information Category:

Advisory, Alert

Last Updated:

2010-05-21

Affected Product Tags

cpe:/a:drupal:drupal

cpe:/a:kevinhankens:tablefield:6.x-1.0

cpe:/a:kevinhankens:tablefield:6.x-1.0:beta1

cpe:/a:kevinhankens:tablefield:6.x-1.0:beta2

cpe:/a:kevinhankens:tablefield:6.x-1.1

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

BID 39954

CONFIRM http://drupal.org/node/790998

CONFIRM http://drupal.org/node/790364

OSVDB 64358

SECUNIA 39644

VUPEN ADV-2010-1080

Vulnerability Type Cross-Site Scripting (XSS) (CWE-79)

XF ccktablefield-tableheaders-xss(58353)