3 matches found
SA-CONTRIB-2015-074 - Site Documentation - Cross Site Scripting (XSS)
The Site Documentation module enables you to display detailed configuration information. The module doesn't sufficiently sanitize user-supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a user with...
SA-CONTRIB-2012-073 - Glossary - Cross-Site Scripting (XSS)
CVE: CVE-2012-2339. The glossary module scans posts for glossary terms, adding an indicator. By hovering over the indicator, users may learn the definition of that term. The module does not sufficiently sanitize the taxonomy information. This leaves sites vulnerable to Cross-Site Scripting attacks...
SA-2008-030 - Site Documentation - Privilege escalation
The contributed module Site Documentation intends to assist developers and administrators when they start working with a new site by showing them information from the database. All users with the "access content" permission are able to use the module to list arbitrary tables from the database. In...