FKIE_CVE-2012-1561

Vulnerability from fkie_nvd - Published: 2014-04-08 14:22 - Updated: 2026-06-16 23:39
Severity
Summary
Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "checkbox and radio button functionalities."
References
secalert@redhat.comhttp://drupal.org/node/1432318
secalert@redhat.comhttp://drupal.org/node/1432320
secalert@redhat.comhttp://drupalcode.org/project/finder.git/commit/13e2d0c
secalert@redhat.comhttp://drupalcode.org/project/finder.git/commit/58443aa
secalert@redhat.comhttp://secunia.com/advisories/47941
secalert@redhat.comhttp://secunia.com/advisories/47943Vendor Advisory
secalert@redhat.comhttp://www.madirish.net/content/drupal-finder-6x-19-xss-and-remote-code-execution-vulnerabilities
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2012/03/16/9
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2012/03/19/9
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2012/04/07/1
secalert@redhat.comhttp://www.osvdb.org/79015
secalert@redhat.comhttps://drupal.org/node/1432970Patch, Vendor Advisory
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/73110
af854a3a-2127-422b-91ae-364da2661108http://drupal.org/node/1432318
af854a3a-2127-422b-91ae-364da2661108http://drupal.org/node/1432320
af854a3a-2127-422b-91ae-364da2661108http://drupalcode.org/project/finder.git/commit/13e2d0c
af854a3a-2127-422b-91ae-364da2661108http://drupalcode.org/project/finder.git/commit/58443aa
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/47941
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/47943Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.madirish.net/content/drupal-finder-6x-19-xss-and-remote-code-execution-vulnerabilities
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/03/16/9
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/03/19/9
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/04/07/1
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/79015
af854a3a-2127-422b-91ae-364da2661108https://drupal.org/node/1432970Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/73110
Impacted products
Vendor Product Version
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.0
danielb finder 6.x-1.1
danielb finder 6.x-1.2
danielb finder 6.x-1.3
danielb finder 6.x-1.4
danielb finder 6.x-1.5
danielb finder 6.x-1.6
danielb finder 6.x-1.7
danielb finder 6.x-1.8
danielb finder 6.x-1.9
danielb finder 6.x-1.10
danielb finder 6.x-1.11
danielb finder 6.x-1.12
danielb finder 6.x-1.13
danielb finder 6.x-1.14
danielb finder 6.x-1.15
danielb finder 6.x-1.16
danielb finder 6.x-1.17
danielb finder 6.x-1.18
danielb finder 6.x-1.19
danielb finder 6.x-1.20
danielb finder 6.x-1.21
danielb finder 6.x-1.23
danielb finder 6.x-1.24
danielb finder 6.x-1.25
danielb finder 6.x-1.x-dev
danielb finder 7.x-1.0
danielb finder 7.x-1.1
danielb finder 7.x-1.2
danielb finder 7.x-1.3
danielb finder 7.x-1.4
danielb finder 7.x-1.5
danielb finder 7.x-1.6
danielb finder 7.x-1.x
danielb finder 7.x-2.0
danielb finder 7.x-2.0
danielb finder 7.x-2.0
danielb finder 7.x-2.0
danielb finder 7.x-2.0
danielb finder 7.x-2.0
danielb finder 7.x-2.x

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "secalert@redhat.com"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECAB5556-2D6A-4724-8A8C-33A9A56CAB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "ABC2F8E7-8831-4245-AC98-B6E9BDD5BFE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha10:*:*:*:*:*:*",
              "matchCriteriaId": "CA4D18A4-7BE0-429D-92F4-9D36AF0B544B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha11:*:*:*:*:*:*",
              "matchCriteriaId": "EC31DF6C-43DC-4D14-9652-131E1F6D6087",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha12:*:*:*:*:*:*",
              "matchCriteriaId": "6C710A9C-492C-420B-846C-88915EC81EFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha13:*:*:*:*:*:*",
              "matchCriteriaId": "63B0B97E-8B43-4C04-9CD2-62227946189A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha14:*:*:*:*:*:*",
              "matchCriteriaId": "D5CB5802-F368-4F45-91F6-5BF7EADD33CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha15:*:*:*:*:*:*",
              "matchCriteriaId": "F63A4E57-90ED-4B43-AA57-039A07C3BF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha16:*:*:*:*:*:*",
              "matchCriteriaId": "6A8E9D3A-0C79-4650-B403-8F0A286E66E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha17:*:*:*:*:*:*",
              "matchCriteriaId": "959616EB-EFC3-409B-973F-6F7FE30C0741",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha18:*:*:*:*:*:*",
              "matchCriteriaId": "F7154E41-8216-4561-90F2-F8FD7713CE4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha19:*:*:*:*:*:*",
              "matchCriteriaId": "601A9856-5A88-4DE1-B751-FA9320806100",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "6D7FA592-38C3-40CE-B6D0-B6511C497E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha20:*:*:*:*:*:*",
              "matchCriteriaId": "5D802E6B-2B2B-4703-90BC-B2E0DD0E8012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha21:*:*:*:*:*:*",
              "matchCriteriaId": "3C41609E-4A2B-44F9-9F74-B29BF3628EBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha22:*:*:*:*:*:*",
              "matchCriteriaId": "70ED9990-E62B-4F7A-8756-850208DECF3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha23:*:*:*:*:*:*",
              "matchCriteriaId": "5F3C452B-D50D-4F28-8253-9E48365654F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha24:*:*:*:*:*:*",
              "matchCriteriaId": "EE503058-798A-44F7-8705-027C9C05390D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha25:*:*:*:*:*:*",
              "matchCriteriaId": "6704B28D-77D1-4718-AD73-570E0F449D9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha26:*:*:*:*:*:*",
              "matchCriteriaId": "854B028B-C6BD-4D20-9A27-306CE1B7A696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha27:*:*:*:*:*:*",
              "matchCriteriaId": "FC0F76F3-47EB-472D-8822-C4F62455E193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha28:*:*:*:*:*:*",
              "matchCriteriaId": "D14A7373-21DA-4A75-BCE6-3655237EA80B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "C8671C56-AE42-427A-B916-99BC2B605F21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha4:*:*:*:*:*:*",
              "matchCriteriaId": "F67B2F3C-2546-4262-8FE0-91FE9652CDC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha5:*:*:*:*:*:*",
              "matchCriteriaId": "BD1B7808-8DF0-4ED9-A189-DB23ECFD2B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha6:*:*:*:*:*:*",
              "matchCriteriaId": "28E9C8B4-C62E-415A-A819-ABB4594C32DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha7:*:*:*:*:*:*",
              "matchCriteriaId": "2B1748F1-DE07-4914-AB65-F5ED73E5A388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha8:*:*:*:*:*:*",
              "matchCriteriaId": "FB86F180-7B28-47BB-B964-13AD6BCA0BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:alpha9:*:*:*:*:*:*",
              "matchCriteriaId": "6BDC5314-5AF9-4C99-B296-631AC133C3B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "932C3C72-A9B9-4CA6-8A63-5CBD21080FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1DA7DA76-BC39-4589-BDAA-A2BFC9154A94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "F187D4E5-9220-49F9-B8B3-ACF0D46E4269",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "91C9EAE1-EF5D-43EC-8B5B-7BA7567E35C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "59968AC8-FE0B-40DF-91E1-450EBD52A406",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "38A06CDF-2037-414E-A4AE-E11D2567DFE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "765AC4DC-DF43-41C1-8BDB-9F2A066B8B4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:unstable0:*:*:*:*:*:*",
              "matchCriteriaId": "60E03E68-97F5-41DB-82F5-11A04DEB3D46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:unstable1:*:*:*:*:*:*",
              "matchCriteriaId": "227BB15A-6B03-49A7-9EEC-F858133093AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:unstable2:*:*:*:*:*:*",
              "matchCriteriaId": "DF5F6248-FF35-4D11-AD09-9DC7B0A10CB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:unstable3:*:*:*:*:*:*",
              "matchCriteriaId": "A2A674B0-0A7A-4656-8E06-81C6535F1836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:unstable4:*:*:*:*:*:*",
              "matchCriteriaId": "1F097AE3-6F40-499E-9735-2C1247D35FDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:unstable5:*:*:*:*:*:*",
              "matchCriteriaId": "5AD1CE80-0912-4779-AD8C-196847DE6DAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:unstable6:*:*:*:*:*:*",
              "matchCriteriaId": "8F0C9F57-A9B9-4E72-AFB8-011F7018600A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.0:unstable7:*:*:*:*:*:*",
              "matchCriteriaId": "1E12F832-D8E5-4433-9BFD-4B8FC8F803B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF325929-15E9-4CE6-BAD7-9685A6DD350A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DA87F37-0629-4700-A864-43DE48FFDF06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1C3EA1-656B-4E64-8057-E4FA1ED48BBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D561F6AD-1025-4CB1-8C89-15EE00D1780E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B238BF6-95CC-4225-808F-EC564722D714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C4696C0-CAE6-4DA8-982F-D69508EBF885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "69F7E6CD-F36E-4940-818B-14B0553DE6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A11B39CD-79B6-45D9-B74F-119F1ECADBAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "629C326F-3083-4B54-8B8F-CB3ADDB86697",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "400B9BD7-526F-4262-9C15-A62EEAC398AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "58331DD3-9F51-425F-B9CC-E6CD5098730A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E70BA3DC-29D2-4B5D-AB77-F671C7096F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D5F259A-70DC-4B86-BDD1-BF9769D09278",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EA6D683-62E9-45D7-B976-BA95A572D66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F773036-717B-4C9E-96AE-C53A4AD96412",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC29EDE4-EB3E-4D55-A9F9-0E3EDAD3AEC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD9A8C3A-3333-4FA0-9062-2A32CECF7EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F0745EC-1BFA-436A-932B-E2F37D0751C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B457A70-D5CF-40D5-AE1D-C9FA2641C267",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD002F99-26D4-4CB1-8671-3DB5A7BFFA72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CD0B4E2-335D-40D3-842B-2DFD37473CD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0761F17-D755-4D69-9E11-EC069C8E7320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "01CC175F-60EA-4747-B2BA-EE6F27256095",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD2C47F-5CFE-4766-BCF4-35B0B8BBBC8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:6.x-1.x-dev:*:*:*:*:*:*:*",
              "matchCriteriaId": "8738229B-A0E2-4F6A-873C-10F852C5B670",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDE8A932-C637-43A8-ACA2-3465A700D50D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E811DDE5-C168-4458-9238-CD581A0DCDC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F513BF-9AF4-469B-BC10-CAA04F6E53FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08839998-1373-4900-8A5D-31739F690587",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7433E00-08F8-473E-8091-A7907983778F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A2E062F-8CC4-4EBE-A628-963C3CB325BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C414FE-8E57-4F51-92BE-A73D5B087132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-1.x:dev:*:*:*:*:*:*",
              "matchCriteriaId": "A3678827-41F8-4190-9B3A-1FB244681D82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-2.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "0A645395-F59B-44A3-B7D8-3DB4C69A890D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-2.0:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "914F133C-D035-4481-9868-BBF264FE1344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-2.0:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "48127582-98BA-41EA-9701-2EF78919624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-2.0:alpha4:*:*:*:*:*:*",
              "matchCriteriaId": "E0CF6C6A-AF5A-4DC5-9A55-2361A6776CD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-2.0:alpha5:*:*:*:*:*:*",
              "matchCriteriaId": "33FF98EE-F5BA-44B1-A2AF-32182A0788B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-2.0:alpha6:*:*:*:*:*:*",
              "matchCriteriaId": "144724D3-4DFD-4882-A146-2B9207AC950C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:danielb:finder:7.x-2.x:dev:*:*:*:*:*:*",
              "matchCriteriaId": "07907C37-E6E2-4B85-B209-6C474F349762",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the \"checkbox and radio button functionalities.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en el m\u00f3dulo Finder 6.x-1.x anterior a 6.x-1.26, 7.x-1.x y 7.x-2.x anterior a 7.x-2.0-alpha8 para Drupal permite a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s de vectores no especificados relacionados con \"funcionalidades de bot\u00f3n de casilla de verificaci\u00f3n y radio.\""
    }
  ],
  "id": "CVE-2012-1561",
  "lastModified": "2026-06-16T23:39:43.893",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-04-08T14:22:09.660",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://drupal.org/node/1432318"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://drupal.org/node/1432320"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://drupalcode.org/project/finder.git/commit/13e2d0c"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://drupalcode.org/project/finder.git/commit/58443aa"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/47941"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/47943"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.madirish.net/content/drupal-finder-6x-19-xss-and-remote-code-execution-vulnerabilities"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/16/9"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/19/9"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/79015"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://drupal.org/node/1432970"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://drupal.org/node/1432318"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://drupal.org/node/1432320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://drupalcode.org/project/finder.git/commit/13e2d0c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://drupalcode.org/project/finder.git/commit/58443aa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/47941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/47943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.madirish.net/content/drupal-finder-6x-19-xss-and-remote-code-execution-vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/16/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/19/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/79015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://drupal.org/node/1432970"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73110"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…