Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 3:34 a.m.7 views

CVE-2012-5705

Cross-site scripting XSS vulnerability in the settings page admin/settings/hotblocks in the Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to inject arbitrary web script or HTML via the "block names."...

2.1CVSS5.5AI score0.00232EPSS
Exploits1References1
CVE
CVEadded 2012/11/01 10:0 a.m.40 views

CVE-2012-5705

CVE-2012-5705 concerns the Hotblocks Drupal contributed module (6.x-1.x prior to 6.x-1.8). The vulnerability is an XSS in the settings page (admin/settings/hotblocks) caused by insufficient sanitization of the block names input, allowing remote authenticated users with the administer hotblocks pe...

2.1CVSS5.4AI score0.00232EPSS
Exploits1References5Affected Software1
Drupal
Drupaladded 2012/08/15 12:0 a.m.18 views

SA-CONTRIB-2012-126 - Hotblocks - Cross Site Scripting (XSS) and Denial of Service (DoS)

The Hotblocks module provides an enhanced GUI for administering blocks and block content that is intended to be simpler and more controllable for less privileged users than the default block administration tools. Cross Site Scripting XSS The module doesn't sufficiently sanitize the user input for...

5.4AI score
Exploits0References9
Rows per page
Query Builder