CVE-2010-2158
Severity Score
2.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the (1) fullname, (2) phone, or (3) im parameter in a stormperson action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Multiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en el módulo Storm v5.x y v6.x anterior a v6.x-1.33 para Drupal permite a usuarios autenticados remotamente, con ciertos privilegios del módulo, inyectar código web o HTML a través de los parámetros (1) fullname, (2) phone, o (3) im en una acción "stormperson" en index.php. NOTA: el origen de esta información es desconocido. Los detalles han sido obtenidos a partir de terceros.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-06-07 CVE Reserved
- 2010-06-07 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://drupal.org/node/803770 | 2010-06-08 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/39732 | 2010-06-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.1 Search vendor "Speedtech" for product "Storm" and version "5.x-1.1" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.2 Search vendor "Speedtech" for product "Storm" and version "5.x-1.2" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.3 Search vendor "Speedtech" for product "Storm" and version "5.x-1.3" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.4 Search vendor "Speedtech" for product "Storm" and version "5.x-1.4" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.5 Search vendor "Speedtech" for product "Storm" and version "5.x-1.5" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.6 Search vendor "Speedtech" for product "Storm" and version "5.x-1.6" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.7 Search vendor "Speedtech" for product "Storm" and version "5.x-1.7" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.8 Search vendor "Speedtech" for product "Storm" and version "5.x-1.8" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.9 Search vendor "Speedtech" for product "Storm" and version "5.x-1.9" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.10 Search vendor "Speedtech" for product "Storm" and version "5.x-1.10" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.11 Search vendor "Speedtech" for product "Storm" and version "5.x-1.11" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.12 Search vendor "Speedtech" for product "Storm" and version "5.x-1.12" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.13 Search vendor "Speedtech" for product "Storm" and version "5.x-1.13" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.14 Search vendor "Speedtech" for product "Storm" and version "5.x-1.14" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 5.x-1.x Search vendor "Speedtech" for product "Storm" and version "5.x-1.x" | dev |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.0 Search vendor "Speedtech" for product "Storm" and version "6.x-1.0" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.1 Search vendor "Speedtech" for product "Storm" and version "6.x-1.1" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.2 Search vendor "Speedtech" for product "Storm" and version "6.x-1.2" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.3 Search vendor "Speedtech" for product "Storm" and version "6.x-1.3" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.4 Search vendor "Speedtech" for product "Storm" and version "6.x-1.4" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.5 Search vendor "Speedtech" for product "Storm" and version "6.x-1.5" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.6 Search vendor "Speedtech" for product "Storm" and version "6.x-1.6" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.7 Search vendor "Speedtech" for product "Storm" and version "6.x-1.7" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.8 Search vendor "Speedtech" for product "Storm" and version "6.x-1.8" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.9 Search vendor "Speedtech" for product "Storm" and version "6.x-1.9" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.10 Search vendor "Speedtech" for product "Storm" and version "6.x-1.10" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.11 Search vendor "Speedtech" for product "Storm" and version "6.x-1.11" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.12 Search vendor "Speedtech" for product "Storm" and version "6.x-1.12" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.13 Search vendor "Speedtech" for product "Storm" and version "6.x-1.13" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.14 Search vendor "Speedtech" for product "Storm" and version "6.x-1.14" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.15 Search vendor "Speedtech" for product "Storm" and version "6.x-1.15" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.16 Search vendor "Speedtech" for product "Storm" and version "6.x-1.16" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.17 Search vendor "Speedtech" for product "Storm" and version "6.x-1.17" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.18 Search vendor "Speedtech" for product "Storm" and version "6.x-1.18" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.19 Search vendor "Speedtech" for product "Storm" and version "6.x-1.19" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.20 Search vendor "Speedtech" for product "Storm" and version "6.x-1.20" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.21 Search vendor "Speedtech" for product "Storm" and version "6.x-1.21" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.22 Search vendor "Speedtech" for product "Storm" and version "6.x-1.22" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.23 Search vendor "Speedtech" for product "Storm" and version "6.x-1.23" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.24 Search vendor "Speedtech" for product "Storm" and version "6.x-1.24" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.25 Search vendor "Speedtech" for product "Storm" and version "6.x-1.25" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.26 Search vendor "Speedtech" for product "Storm" and version "6.x-1.26" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.27 Search vendor "Speedtech" for product "Storm" and version "6.x-1.27" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.28 Search vendor "Speedtech" for product "Storm" and version "6.x-1.28" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.29 Search vendor "Speedtech" for product "Storm" and version "6.x-1.29" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.30 Search vendor "Speedtech" for product "Storm" and version "6.x-1.30" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.31 Search vendor "Speedtech" for product "Storm" and version "6.x-1.31" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.32 Search vendor "Speedtech" for product "Storm" and version "6.x-1.32" | - |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|
| Speedtech Search vendor "Speedtech" | Storm Search vendor "Speedtech" for product "Storm" | 6.x-1.x Search vendor "Speedtech" for product "Storm" and version "6.x-1.x" | dev |
Affected
| in | Drupal Search vendor "Drupal" | Drupal Search vendor "Drupal" for product "Drupal" | * | - |
Safe
|