Unrated severityNVD Advisory· Published Dec 3, 2012· Updated Jun 16, 2026
CVE-2012-5559
CVE-2012-5559
Description
Cross-site scripting (XSS) vulnerability in the page manager node view task in the Chaos tool suite (ctools) module 6.x-1.x before 6.x-1.10 for Drupal allows remote authenticated users with permissions to submit or edit nodes to inject arbitrary web script or HTML via the page title.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha1:*:*:*:drupal:*:*+ 18 more
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha1:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha2:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:alpha3:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta1:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta2:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta3:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:beta4:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0:rc1:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.2:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.3:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.4:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.5:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.6:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.7:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.8:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.9:*:*:*:*:drupal:*:*
- cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.x:dev:*:*:*:drupal:*:*
- Range: >=6.x-1.0, <6.x-1.10
Patches
Vulnerability mechanics
References
4- drupal.org/node/1840992nvdPatchVendor Advisory
- drupal.org/node/1841030nvdPatch
- secunia.com/advisories/51259nvd
- www.openwall.com/lists/oss-security/2012/11/20/4nvd
News mentions
0No linked articles in our index yet.