{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T23:38:18.157","vulnerabilities":[{"cve":{"id":"CVE-2012-1632","sourceIdentifier":"secalert@redhat.com","published":"2012-09-20T00:55:04.890","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in password_policy.admin.inc in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote authenticated users with administer policies permissions to inject arbitrary web script or HTML via the name parameter."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en password_policy.admin.inc en el módulo Password Policy anteriores a v6.x-1.4 y v7.x-1.0 beta3 para Drupal, permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través del parámetro name."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:N/I:P/A:N","baseScore":2.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:*:*:*:*:*:*:*:*","versionEndIncluding":"6.x-1.3","matchCriteriaId":"54E8A676-4F5C-4E61-9512-EF839D1A843B"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:5.x-1.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"A9932B21-9E21-432E-A9C6-645BBD78B0F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:5.x-1.x:dev:*:*:*:*:*:*","matchCriteriaId":"3BE02FD8-1BD6-4E49-B2AF-5A957672EFDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.0:*:*:*:*:*:*:*","matchCriteriaId":"8DFF6639-98CE-4B71-BB54-4FDBB71046F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.0:alpha1:*:*:*:*:*:*","matchCriteriaId":"E53CCC1A-A5EA-4941-8E11-8E0041F81DFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.0:alpha2:*:*:*:*:*:*","matchCriteriaId":"5C8E29CD-0AF8-4CA1-87EF-0AE732779411"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.0:alpha3:*:*:*:*:*:*","matchCriteriaId":"EDAB2F76-DF8C-4BDF-8E77-3325481ACFBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.0:alpha4:*:*:*:*:*:*","matchCriteriaId":"9E483142-C58E-466E-B2BB-07A29E4A65D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.0:beta1:*:*:*:*:*:*","matchCriteriaId":"663CC643-936B-436D-B737-4483F4DB4E61"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.1:*:*:*:*:*:*:*","matchCriteriaId":"41E32078-8C64-46AF-9379-03F235D56DCB"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.2:*:*:*:*:*:*:*","matchCriteriaId":"994AF345-E3CF-4B7D-A667-2A7C545B2BD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:6.x-1.x:dev:*:*:*:*:*:*","matchCriteriaId":"7A2FADA3-CA25-43BB-8B51-916891AED189"},{"vulnerable":true,"criteria":"cpe:2.3:a:erik_webb:password_policy:7.x-1.0:beta3:*:*:*:*:*:*","matchCriteriaId":"73E992F5-C450-4BBE-8CEA-D302FCD2AC6B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B1170D-AD33-4C7A-892D-63AC71B032CF"}]}]}],"references":[{"url":"http://drupal.org/node/1401678","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"http://drupalcode.org/project/password_policy.git/commit/3c688c3b4a3ed96fdc4b89883595633338c7ebb6","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/47541","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2012/04/07/1","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/bid/51385","source":"secalert@redhat.com"},{"url":"http://drupal.org/node/1401678","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://drupalcode.org/project/password_policy.git/commit/3c688c3b4a3ed96fdc4b89883595633338c7ebb6","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/47541","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2012/04/07/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/51385","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}