Lucene search
K

5 matches found

VulnCheck KEV
VulnCheck KEV
added 2022/01/26 12:0 a.m.3 views

VulnCheck KEV: CVE-2013-0322

Cross-site scripting XSS vulnerability in Views in the Ubercart module 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field...

4.3CVSS6AI score0.01161EPSS
Exploits0References1
NVD
NVD
added 2013/03/27 9:55 p.m.20 views

CVE-2013-0322

Cross-site scripting XSS vulnerability in Views in the Ubercart module 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field...

4.3CVSS5.7AI score0.01161EPSS
Exploits0References5
Cvelist
Cvelist
added 2013/03/27 9:0 p.m.27 views

CVE-2013-0322

Cross-site scripting XSS vulnerability in Views in the Ubercart module 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field...

5.7AI score0.01161EPSS
Exploits0References5
CVE
CVE
added 2013/03/27 9:0 p.m.190 views

CVE-2013-0322

CVE-2013-0322 affects the Drupal Ubercart module (7.x-3.x) prior to 7.x-3.4, with the XSS vulnerability arising in the Views integration when processing the full name field. The root cause is unsanitized output in the full name field, allowing remote attackers to inject arbitrary script/HTML. Pub...

4.3CVSS5.9AI score0.01161EPSS
In wildExploits0References5Affected Software1
Drupal
Drupal
added 2013/02/20 12:0 a.m.25 views

SA-CONTRIB-2013-020 - Ubercart - Cross site scripting (XSS)

The Ubercart module for Drupal provides a shopping cart and e-commerce features for Drupal. The "full name" field in Views did not properly sanitize output. The vulnerability is mitigated by the fact that an attacker must get far enough in the checkout process to store their name with an order. C...

4.3CVSS6.3AI score0.01161EPSS
Exploits0References10
Rows per page
Query Builder