4 matches found
CVE-2013-1906
Cross-site scripting XSS vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script or HTML via a rule tag...
CVE-2013-1906
Cross-site scripting XSS vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script or HTML via a rule tag...
CVE-2013-1906
The vulnerability CVE-2013-1906 affects the Drupal Rules module (7.x-2.x) prior to 7.x-2.3. It is a persistent XSS flaw caused by unsanitized rule tags displayed to users. Exploitation requires an attacker with the Drupal role/permission to administer rules and can inject arbitrary script/HTML vi...
CVE-2013-1906
Cross-site scripting XSS vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script or HTML via a rule tag...