CVE-2012-6645

Cross-site scripting XSS vulnerability in the autocomplete functionality in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via the title of a node, a different vulnerability than...

CVE-2012-6645

CVE-2012-6645 is an XSS vulnerability affecting Drupal Finder module autocomplete. The issue allows injection of arbitrary script/HTML via the node title in Finder 6.x-1.x (before 6.x-1.26), 7.x-1.x, and 7.x-2.x (before 7.x-2.0-alpha8). The underlying flaw is cross-site scripting in the autocompl...