Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:16 p.m.7 views

CVE-2012-1654

Multiple cross-site scripting XSS vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3 for Drupal allow remote authenticated users with the administer data tables permission to inject arbitrary web script or HTML via the title parameter in 1 data.views.inc a...

2.1CVSS5.6AI score0.01853EPSS
Exploits0References1
NVD
NVD
added 2012/09/18 8:55 p.m.16 views

CVE-2012-1654

Multiple cross-site scripting XSS vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3 for Drupal allow remote authenticated users with the administer data tables permission to inject arbitrary web script or HTML via the title parameter in 1 data.views.inc a...

2.1CVSS5.5AI score0.01853EPSS
Exploits0References10
Cvelist
Cvelist
added 2012/09/18 8:0 p.m.22 views

CVE-2012-1654

Multiple cross-site scripting XSS vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3 for Drupal allow remote authenticated users with the administer data tables permission to inject arbitrary web script or HTML via the title parameter in 1 data.views.inc a...

5.5AI score0.01853EPSS
Exploits0References10
CVE
CVE
added 2012/09/18 8:0 p.m.42 views

CVE-2012-1654

The CVE-2012-1654 case affects Drupal’s Data module (6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3). The vulnerability arises from insufficient escaping in the title used when creating tables, allowing remote authenticated users with the administer data tables permission to inject arbi...

2.1CVSS5.5AI score0.01853EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder