Lucene search
K

5 matches found

NVD
NVD
added 2011/07/08 10:55 p.m.13 views

CVE-2010-4813

Cross-site scripting XSS vulnerability in the Category Tokens module 6.x before 6.x-1.1 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML by editing or creating vocabulary names, which are not properly handled in token help...

3.5CVSS5.4AI score0.00885EPSS
Exploits0References5
Prion
Prion
added 2011/07/08 10:55 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Category Tokens module 6.x before 6.x-1.1 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML by editing or creating vocabulary names, which are not properly handled in token help...

3.5CVSS5.8AI score0.00885EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2011/07/08 10:0 p.m.44 views

CVE-2010-4813

The CVE-2010-4813 issue affects the Drupal Category Tokens module (Drupal 6.x) prior to version 6.x-1.1. The vulnerability arises in how vocabulary names are processed in token help, allowing XSS. Exploitation requires remote authentication with taxonomy administration permissions, enabling an at...

3.5CVSS5.5AI score0.00885EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2011/07/08 10:0 p.m.17 views

CVE-2010-4813

Cross-site scripting XSS vulnerability in the Category Tokens module 6.x before 6.x-1.1 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML by editing or creating vocabulary names, which are not properly handled in token help...

5.4AI score0.00885EPSS
Exploits0References5
Drupal
Drupal
added 2010/11/10 12:0 a.m.14 views

SA-CONTRIB-2010-102 - Category tokens - Cross Site Scripting

The Category tokens module exposes additional tokens for the first and last terms related to a node for each vocabulary. The module does not sanitize the vocabulary names when displayed in token help, leading to a Cross-Site Scripting XSS vulnerability that may lead to a malicious user gaining fu...

5.9AI score
Exploits0References7
Rows per page
Query Builder