Be in love with vulnerability scanning

Mageni is a powerful and easy vulnerability scanner used by companies of all sizes. You will be in love with Mageni's powerful features, ease of use and price. Free for 7-days then $39 monthly for infinite IPs.

Start now 

No Contracts, Cancel at Anytime and 7-days Money-Back Guarantee.

App screenshot

CVE-2013-0259

CVE information

Published

9 years ago

Last Modified

8 years ago

CVSSv2.0 Severity

Low

Impact Analysis

Description

Cross-site scripting (XSS) vulnerability in the Boxes module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with administer or edit boxes permissions to inject arbitrary web script or HTML via the subject parameter..

CVSSv2.0 Score

Severity
Low
Base Score
2.1/10
Exploit Score
3.9/10
Access Vector
Network
Access Complexity
High
Authentication Required
Single
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
None
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:boxes_project:boxes:7.x-1.0:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.0:beta1:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.0:beta7:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.0:beta6:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.0:beta4:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.x:dev:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.0:beta5:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.0:beta2:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.0:beta8:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:boxes_project:boxes:7.x-1.0:beta3:*:*:*:*:*:*
  Yes
-
cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*
  No
-

Every 11 seconds there is a ransomware attack.

Mageni can help you manage this threat by understanding your vulnerabilities and prioritizing the remediation.

Sign up for free