Cross site scripting

2012-09-1919:55:00

PRIOn knowledge base

www.prio-n.com

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.8%

JSON

Cross-site scripting (XSS) vulnerability in the Taxonomy Views Integrator (TVI) module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to “views pages.”

CPENameOperatorVersion
taxonomy_view_integrator_moduleeq6.x-1.0 beta2
taxonomy_view_integrator_moduleeq6.x-1.0 beta4
taxonomy_view_integrator_moduleeq6.120.10
taxonomy_view_integrator_moduleeq6.x-1.0 beta1
taxonomy_view_integrator_moduleeq6.x-1.0 beta3
taxonomy_view_integrator_moduleeq6.120.11
taxonomy_view_integrator_moduleeq6.120.12

Name	Operator	Version
taxonomy_view_integrator_module	eq	6.x-1.0 beta2
taxonomy_view_integrator_module	eq	6.x-1.0 beta4
taxonomy_view_integrator_module	eq	6.120.10
taxonomy_view_integrator_module	eq	6.x-1.0 beta1
taxonomy_view_integrator_module	eq	6.x-1.0 beta3
taxonomy_view_integrator_module	eq	6.120.11
taxonomy_view_integrator_module	eq	6.120.12