Medium severity4.8NVD Advisory· Published Jan 9, 2020· Updated Jun 16, 2026
CVE-2012-5558
CVE-2012-5558
Description
Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley acronym.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<6.x-1.1+ 1 more
- (no CPE)range: <6.x-1.1
- (no CPE)range: 6.x-1.x versions prior to 6.x-1.1
Patches
Vulnerability mechanics
References
4- drupal.org/node/1840892nvdVendor Advisory
- drupal.org/node/1840954nvdVendor Advisory
- drupal.org/node/1840956nvdVendor Advisory
- www.openwall.com/lists/oss-security/2012/11/20/4nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.