What is the severity of CVE-2010-2158?

CVE-2010-2158 is classified as a moderate severity vulnerability due to its potential for cross-site scripting attacks.

How do I fix CVE-2010-2158?

To fix CVE-2010-2158, update the Storm module to version 6.x-1.33 or later for both Drupal 5.x and 6.x.

What software is affected by CVE-2010-2158?

CVE-2010-2158 affects the Storm module versions 5.x and 6.x prior to 6.x-1.33 in Drupal.

Who can exploit CVE-2010-2158?

CVE-2010-2158 can be exploited by remote authenticated users with certain module privileges.

What are the potential impacts of CVE-2010-2158?

The impacts of CVE-2010-2158 include the injection of arbitrary web scripts or HTML, leading to possible data theft or other malicious actions.

Vulnerability/
CVE-2010-2158

low

2.1

CWE

7/6/2010

3/10/2022

7/8/2024

CVE-2010-2158: XSS

First published: Mon Jun 07 2010(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the (1) fullname, (2) phone, or (3) im parameter in a stormperson action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Speedtech Storm	=5.x-1.1
Speedtech Storm	=5.x-1.2
Speedtech Storm	=5.x-1.3
Speedtech Storm	=5.x-1.4
Speedtech Storm	=5.x-1.5
Speedtech Storm	=5.x-1.6
Speedtech Storm	=5.x-1.7
Speedtech Storm	=5.x-1.8
Speedtech Storm	=5.x-1.9
Speedtech Storm	=5.x-1.10
Speedtech Storm	=5.x-1.11
Speedtech Storm	=5.x-1.12
Speedtech Storm	=5.x-1.13
Speedtech Storm	=5.x-1.14
Speedtech Storm	=5.x-1.x-dev
Drupal Drupal
Speedtech Storm	=6.x-1.0
Speedtech Storm	=6.x-1.1
Speedtech Storm	=6.x-1.2
Speedtech Storm	=6.x-1.3
Speedtech Storm	=6.x-1.4
Speedtech Storm	=6.x-1.5
Speedtech Storm	=6.x-1.6
Speedtech Storm	=6.x-1.7
Speedtech Storm	=6.x-1.8
Speedtech Storm	=6.x-1.9
Speedtech Storm	=6.x-1.10
Speedtech Storm	=6.x-1.11
Speedtech Storm	=6.x-1.12
Speedtech Storm	=6.x-1.13
Speedtech Storm	=6.x-1.14
Speedtech Storm	=6.x-1.15
Speedtech Storm	=6.x-1.16
Speedtech Storm	=6.x-1.17
Speedtech Storm	=6.x-1.18
Speedtech Storm	=6.x-1.19
Speedtech Storm	=6.x-1.20
Speedtech Storm	=6.x-1.21
Speedtech Storm	=6.x-1.22
Speedtech Storm	=6.x-1.23
Speedtech Storm	=6.x-1.24
Speedtech Storm	=6.x-1.25
Speedtech Storm	=6.x-1.26
Speedtech Storm	=6.x-1.27
Speedtech Storm	=6.x-1.28
Speedtech Storm	=6.x-1.29
Speedtech Storm	=6.x-1.30
Speedtech Storm	=6.x-1.31
Speedtech Storm	=6.x-1.32
Speedtech Storm	=6.x-1.x-dev

Remedy

http://drupal.org/node/803770

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-2158?
CVE-2010-2158 is classified as a moderate severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2010-2158?
To fix CVE-2010-2158, update the Storm module to version 6.x-1.33 or later for both Drupal 5.x and 6.x.
What software is affected by CVE-2010-2158?
CVE-2010-2158 affects the Storm module versions 5.x and 6.x prior to 6.x-1.33 in Drupal.
Who can exploit CVE-2010-2158?
CVE-2010-2158 can be exploited by remote authenticated users with certain module privileges.
What are the potential impacts of CVE-2010-2158?
The impacts of CVE-2010-2158 include the injection of arbitrary web scripts or HTML, leading to possible data theft or other malicious actions.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/weakness
agent/author
agent/remedy
agent/tags
agent/description
agent/event
agent/source
vendor/speedtech
canonical/speedtech storm
version/speedtech storm/5.x-1.1
version/speedtech storm/5.x-1.2
version/speedtech storm/5.x-1.3
version/speedtech storm/5.x-1.4
version/speedtech storm/5.x-1.5
version/speedtech storm/5.x-1.6
version/speedtech storm/5.x-1.7
version/speedtech storm/5.x-1.8
version/speedtech storm/5.x-1.9
version/speedtech storm/5.x-1.10
version/speedtech storm/5.x-1.11
version/speedtech storm/5.x-1.12
version/speedtech storm/5.x-1.13
version/speedtech storm/5.x-1.14
version/speedtech storm/5.x-1.x-dev
vendor/drupal
canonical/drupal drupal
version/speedtech storm/6.x-1.0
version/speedtech storm/6.x-1.1
version/speedtech storm/6.x-1.2
version/speedtech storm/6.x-1.3
version/speedtech storm/6.x-1.4
version/speedtech storm/6.x-1.5
version/speedtech storm/6.x-1.6
version/speedtech storm/6.x-1.7
version/speedtech storm/6.x-1.8
version/speedtech storm/6.x-1.9
version/speedtech storm/6.x-1.10
version/speedtech storm/6.x-1.11
version/speedtech storm/6.x-1.12
version/speedtech storm/6.x-1.13
version/speedtech storm/6.x-1.14
version/speedtech storm/6.x-1.15
version/speedtech storm/6.x-1.16
version/speedtech storm/6.x-1.17
version/speedtech storm/6.x-1.18
version/speedtech storm/6.x-1.19
version/speedtech storm/6.x-1.20
version/speedtech storm/6.x-1.21
version/speedtech storm/6.x-1.22
version/speedtech storm/6.x-1.23
version/speedtech storm/6.x-1.24
version/speedtech storm/6.x-1.25
version/speedtech storm/6.x-1.26
version/speedtech storm/6.x-1.27
version/speedtech storm/6.x-1.28
version/speedtech storm/6.x-1.29
version/speedtech storm/6.x-1.30
version/speedtech storm/6.x-1.31
version/speedtech storm/6.x-1.32
version/speedtech storm/6.x-1.x-dev

CVE-2010-2158: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-2158?

How do I fix CVE-2010-2158?

What software is affected by CVE-2010-2158?

Who can exploit CVE-2010-2158?

What are the potential impacts of CVE-2010-2158?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2010-2158?

How do I fix CVE-2010-2158?

What software is affected by CVE-2010-2158?

Who can exploit CVE-2010-2158?

What are the potential impacts of CVE-2010-2158?