The vulnerability of the View Password module in Drupal CMS systems, related to the lack of protective measures for website structures, allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the View Password module in the Drupal CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

View Password - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-026

The View Password module enables you to add a help icon button next to the password input field to toggle the password visibility. The administrative user is allowed to add classes to this icon for styling purposes. The module doesn't validate the content of classes. A malicious user with access ...

Drupal View Password module < 6.0.4 - Administrator+ Cross Site Scripting (XSS) vulnerability

Administrator+ Cross Site Scripting XSS vulnerability discovered by Ide Braakman in WordPress Module View Password versions 6.0.4...