Unrated severityNVD Advisory· Published Jun 25, 2013· Updated Apr 29, 2026
CVE-2012-6573
CVE-2012-6573
Description
Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results.
Affected products
9cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.3:*:*:*:*:*:*:*
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:6.x-1.x:dev:*:*:*:*:*:*
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:7.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:7.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:7.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:alejandro_garza:apachesolr_autocomplete:7.x-1.x:dev:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- drupal.org/node/1762684nvdPatchVendor Advisory
- drupal.org/node/1762686nvdPatchVendor Advisory
- drupal.org/node/1762734nvdPatchVendor Advisory
- secunia.com/advisories/50443nvdVendor Advisory
- osvdb.org/85062nvd
- seclists.org/fulldisclosure/2013/Jun/212nvd
- www.securityfocus.com/bid/55290nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/78153nvd
News mentions
0No linked articles in our index yet.