Vulnerability CVE-2012-2723

Vulnerability CVE-2012-2723

Published: 2012-06-26 Modified: 2012-06-27

Description:

	Topic	Author	Date
Low	Drupal Maestro 7.x Cross Site Scripting / Cross Site Request Forgery	Steve Persch	08.06.2012

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
2.6/10	2.9/10	4.9/10

Affected software
Blaine lang -> Maestro

http://drupalcode.org/project/maestro.git/commitdiff/c499971

http://drupal.org/node/1619830

http://drupal.org/node/1617952

http://xforce.iss.net/xforce/xfdb/76145

http://www.securityfocus.com/bid/53836

http://www.osvdb.org/82713

http://www.openwall.com/lists/oss-security/2012/06/14/3

http://secunia.com/advisories/49393