6 matches found
EUVD-2012-4419
Malware in sbrugna...
CVE-2012-4490
Multiple cross-site scripting XSS vulnerabilities in the Excluded Users module 6.x-1.x before 6.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via a 1 user name or 2 email address...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Excluded Users module 6.x-1.x before 6.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via a 1 user name or 2 email address...
CVE-2012-4490
Multiple cross-site scripting XSS vulnerabilities in the Excluded Users module 6.x-1.x before 6.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via a 1 user name or 2 email address...
CVE-2012-4490
The CVE-2012-4490 issue affects the Drupal Excluded Users module (versions 6.x-1.x prior to 6.x-1.1). It enables cross-site scripting via two input fields: user name and email address. The documented impact is client-side script/HTML injection (XSS) with no server-side impact specified beyond tha...
SA-CONTRIB-2012-119 - Excluded Users - Cross Site Scripting (XSS)
Excluded Users is a helper module which allows administrators to select users to not appear in user listings. The module displays a list of user names and email addresses without sanitizing them. In the event that someone manages to insert malicious code into a user name or email address, this...