Cross site scripting

2014-01-3115:07:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.6%

JSON

Cross-site scripting (XSS) vulnerability in the jQuery Countdown module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the “access administration pages” permission to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
jquery_countdowneq7.120.10

CPE	Name	Operator	Version
	jquery_countdown	eq	7.120.10

References

www.securityfocus.com/bid/62340

drupal.org/node/2087089

drupal.org/node/2087095