3 matches found
CVE-2012-2084
Cross-site scripting XSS vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATHINFO...
CVE-2012-2084
The CVE-2012-2084 case affects Drupal’s Printer, email and PDF versions module (6.x-1.x before 6.x-1.15; 7.x-1.x before 7.x-1.0). The root cause is insufficient escaping of URL elements when rendering content, allowing remote attackers to inject arbitrary scripts/HTML (XSS) via likely PATH_INFO v...
SA-CONTRIB-2012-057 - Printer, email and PDF versions - Cross Site Scripting (XSS)
CVE: CVE-2012-2084 This module provides printer-friendly versions of content, including send by e-mail and PDF versions. The module doesn't sufficiently escape URL elements which are printed back to the user. Versions affected Printer, email and PDF versions 6.x-1.x versions prior to 6.x-1.15...