Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.33 views

SUSE CVE-2009-2079

Cross-site scripting XSS vulnerability in the administrative page interface in Taxonomy manager 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to injec...

3.5CVSS5.9AI score0.01028EPSS
Exploits1References3
Prion
Prion
added 2012/12/03 9:55 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the 1 Menu Title 2 Link Title, 3 Path...

2.1CVSS5.5AI score0.00941EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2012/12/03 9:0 p.m.26 views

CVE-2012-5553

Multiple cross-site scripting XSS vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the 1 Menu Title 2 Link Title, 3 Path...

5.4AI score0.00941EPSS
Exploits0References5
Drupal
Drupal
added 2012/09/12 12:0 a.m.18 views

SA-CONTRIB-2012-140 - Inf08 - Cross Site Scripting (XSS)

Inf08 is a valid XHTML 1.0 Strict / CSS 2.1 theme ported from the free CSS template. The theme contains an arbitrary script injection vulnerability XSS due to the fact that it fails to sanitize user supplied taxonomy vocabulary names before display. This vulnerability is mitigated by the fact tha...

7AI score
Exploits0References9
NVD
NVD
added 2010/04/08 4:30 p.m.9 views

CVE-2010-1303

Multiple cross-site scripting XSS vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbitrary web script or HTML via vocabulary 1...

2.1CVSS5.5AI score0.01323EPSS
Exploits0References5
Prion
Prion
added 2009/06/16 7:30 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via vocabulary names...

3.5CVSS5.8AI score0.01028EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2009/06/16 7:30 p.m.17 views

CVE-2009-2074

Cross-site scripting XSS vulnerability in Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via vocabulary names...

3.5CVSS5.4AI score0.01028EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2009/06/16 12:0 a.m.6 views

PT-2009-4532 · Drupal · Drupal Taxonomy Manager

Name of the Vulnerable Software and Affected Versions: Drupal Taxonomy manager versions 5.x before 5.x-1.2 Drupal Taxonomy manager versions 6.x before 6.x-1.1 Description: A cross-site scripting XSS issue exists in the administrative page interface of the Taxonomy manager module for Drupal. This...

3.5CVSS5.2AI score0.01028EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2009/06/16 12:0 a.m.11 views

PT-2009-4527 · Drupal · Nodequeue

Name of the Vulnerable Software and Affected Versions: Nodequeue versions 5.x before 5.x-2.7 Nodequeue versions 6.x before 6.x-2.2 Description: A cross-site scripting XSS issue allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via...

3.5CVSS5.2AI score0.01028EPSS
Exploits1References7
NVD
NVD
added 2007/10/22 7:46 p.m.24 views

CVE-2007-5621

Multiple cross-site scripting XSS vulnerabilities in the Token module before 4.7.x-1.5, and 5.x before 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, and Ubercart modules; allow remote authenticated users with a...

3.5CVSS5.5AI score0.00842EPSS
Exploits0References4
Rows per page
Query Builder