Lucene search
K

8 matches found

NVD
NVD
added 2014/12/10 8:59 p.m.22 views

CVE-2014-9363

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...

5.5CVSS6.4AI score0.01308EPSS
Exploits0References2
CVE
CVE
added 2014/12/10 8:0 p.m.37 views

CVE-2014-9362

CVE-2014-9362 : A cross-site scripting (XSS) vulnerability in the Drupal contributed module Meta tags quick (7.x-2.x) up to version 7.x-2.7 (not affecting Drupal core) allows remote authenticated users who have the Edit path based meta tags permission to inject arbitrary HTML/JS via the path-base...

3.5CVSS5.3AI score0.00759EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/12/10 8:0 p.m.38 views

CVE-2014-9363

Open redirect vulnerability CVE-2014-9363 affects Drupal Meta tags quick module (7.x-2.x) prior to 7.x-2.8. The issue allows remote authenticated users to redirect others to arbitrary sites via the destination parameter in the path-based meta tag editing form. Impact is described as enabling phis...

5.5CVSS6.5AI score0.01308EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/12/10 8:0 p.m.35 views

CVE-2014-9363

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...

6.4AI score0.01308EPSS
Exploits0References2
Drupal
Drupal
added 2014/07/02 12:0 a.m.25 views

SA-CONTRIB-2014-067 - Meta Tags Quick - Multiple vulnerabilities

Meta tags quick adds meta tags editing to all non-administrative pages of Drupal site. Redirector abuse in path-based meta tag editing form When editing a path-based meta tag, module does not check destination parameter of the URL, allowing attacker to pass arbitrary URL to meta tag editing form...

5.5CVSS5.9AI score0.01308EPSS
Exploits0References11
NVD
NVD
added 2011/12/29 10:55 p.m.17 views

CVE-2011-5030

Cross-site scripting XSS vulnerability in the Meta tags quick module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors, probably related to "names of entity bundles."...

3.5CVSS5.4AI score0.00935EPSS
Exploits0References5
CVE
CVE
added 2011/12/29 10:0 p.m.45 views

CVE-2011-5030

The CVE refers to a Cross-site scripting (XSS) vulnerability in the Drupal Meta tags quick module (7.x-2.x) prior to version 7.x-2.3. It allows remote authenticated users with certain permissions to inject arbitrary scripts/HTML via unspecified vectors (likely related to entity bundle names). Rem...

3.5CVSS5.5AI score0.00935EPSS
Exploits0References5Affected Software1
Drupal
Drupal
added 2011/12/14 12:0 a.m.13 views

SA-CONTRIB-2011-059 - Meta tags quick - Cross Site Scripting (XSS)

The Meta tags quick module provides a simple tool to add meta tags to a site. The module doesn't consistently filter user input which could lead to a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer...

6.5AI score
Exploits0References10
Rows per page
Query Builder