CVE-2010-4521
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
23/12/2010
Last modified:
11/04/2025
Description
Cross-site scripting (XSS) vulnerability in the Views module 6.x before 6.x-2.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via a page path.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:earl_miles:views:6.x-2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:alpha1:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:alpha2:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:alpha3:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:alpha4:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:alpha5:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:beta1:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:beta2:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:beta3:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:beta4:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:rc3:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:rc4:*:*:*:*:*:* | ||
| cpe:2.3:a:earl_miles:views:6.x-2.0:rc5:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://drupal.org/node/999380
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052802.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052814.html
- http://www.openwall.com/lists/oss-security/2010/12/16/7
- http://www.openwall.com/lists/oss-security/2010/12/22/1
- http://www.vupen.com/english/advisories/2011/0011
- http://drupal.org/node/999380
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052802.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052814.html
- http://www.openwall.com/lists/oss-security/2010/12/16/7
- http://www.openwall.com/lists/oss-security/2010/12/22/1
- http://www.vupen.com/english/advisories/2011/0011