CVE-2025-41106 Multiple vulnerabilities in Fairsketch's RISE CRM Framework

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'firstname' in '/clients/savecontact/'...

CVE-2012-2075

Cross-site scripting XSS vulnerability in the Contact Save module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the access site-wide contact form permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2075

CVE-2012-2075 is a Cross-Site Scripting vulnerability in the Drupal Contributed module Contact Save (6.x-1.x) prior to version 6.x-1.5 . The issue arises because the module does not sufficiently filter user-submitted text, allowing a remote authenticated user with the access site-wide contact for...

CVE-2012-2075

Cross-site scripting XSS vulnerability in the Contact Save module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the access site-wide contact form permission to inject arbitrary web script or HTML via unspecified vectors...

SA-CONTRIB-2012-048 - Contact Save - Cross Site Scripting

CVE: CVE-2012-2075 This module stores in the database all messages submitted through the core contact forms, and provides a way to respond to these messages through the website. The module doesn't sufficiently filter user supplied text, leading to a cross-site scripting XSS vulnerability. This...