CVE-2012-2300

Published: Aug 14, 2012Modified: Apr 29, 2026

2.1

Vector

AV:N/AC:H/Au:S/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal allow remote authenticated users with the administer product classes permission to inject arbitrary web script or HTML via unspecified vectors.

Affected (34)

Products: Ubercart: Ubercart

Ubercart

1 product

Ubercart

Configuration A

34 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ubercart Ubercart	Version 6.x-2.0
Ubercart Ubercart	Version 6.x-2.0 beta1
Ubercart Ubercart	Version 6.x-2.0 beta2
Ubercart Ubercart	Version 6.x-2.0 beta3
Ubercart Ubercart	Version 6.x-2.0 beta4
Ubercart Ubercart	Version 6.x-2.0 beta5
Ubercart Ubercart	Version 6.x-2.0 beta6
Ubercart Ubercart	Version 6.x-2.0 dev
Ubercart Ubercart	Version 6.x-2.0 rc1
Ubercart Ubercart	Version 6.x-2.0 rc2
Ubercart Ubercart	Version 6.x-2.0 rc3
Ubercart Ubercart	Version 6.x-2.0 rc4
Ubercart Ubercart	Version 6.x-2.0 rc5
Ubercart Ubercart	Version 6.x-2.0 rc6
Ubercart Ubercart	Version 6.x-2.0 rc7
Ubercart Ubercart	Version 6.x-2.1
Ubercart Ubercart	Version 6.x-2.2
Ubercart Ubercart	Version 6.x-2.3
Ubercart Ubercart	Version 6.x-2.4
Ubercart Ubercart	Version 6.x-2.6
Ubercart Ubercart	Version 6.x-2.7
Ubercart Ubercart	Version 7.x-3.0
Ubercart Ubercart	Version 7.x-3.0 alpha1
Ubercart Ubercart	Version 7.x-3.0 alpha2
Ubercart Ubercart	Version 7.x-3.0 alpha3
Ubercart Ubercart	Version 7.x-3.0 beta1
Ubercart Ubercart	Version 7.x-3.0 beta2
Ubercart Ubercart	Version 7.x-3.0 beta3
Ubercart Ubercart	Version 7.x-3.0 beta4
Ubercart Ubercart	Version 7.x-3.0 dev
Ubercart Ubercart	Version 7.x-3.0 rc1
Ubercart Ubercart	Version 7.x-3.0 rc2
Ubercart Ubercart	Version 7.x-3.0 rc3
Ubercart Ubercart	Version 7.x-3.0 rc4