Cross site scripting

2009-12-3119:30:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON

Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
faq_askeq5.x-1.0 beta4
faq_askeq5.x-1.0 beta2
faq_askeq5.x-1.0 beta1
faq_askeq5.120.10
faq_askeq5.x-1.0 beta3
faq_askeq5.120.11
faq_askeq5.120.12
faq_askeq5.120.13
faq_askeq5.x-1.x dev
faq_askeq6.x-1.0 beta1

Name	Operator	Version
faq_ask	eq	5.x-1.0 beta4
faq_ask	eq	5.x-1.0 beta2
faq_ask	eq	5.x-1.0 beta1
faq_ask	eq	5.120.10
faq_ask	eq	5.x-1.0 beta3
faq_ask	eq	5.120.11
faq_ask	eq	5.120.12
faq_ask	eq	5.120.13
faq_ask	eq	5.x-1.x dev
faq_ask	eq	6.x-1.0 beta1

Rows per page:

1-10 of 161

References

secunia.com/advisories/37201

www.securityfocus.com/bid/36877

www.vupen.com/english/advisories/2009/3088

drupal.org/node/617444