Lucene search
K

4 matches found

NVD
NVD
added 2026/04/24 1:16 a.m.6 views

CVE-2026-34587

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... ...

8.1CVSS0.00334EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/04/21 6:0 p.m.25 views

CVE-2015-3390

Cross-site scripting XSS vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors...

5.2AI score0.00965EPSS
Exploits0References4
CVE
CVE
added 2015/04/21 6:0 p.m.51 views

CVE-2015-3390

CVE-2015-3390 corresponds to an XSS vulnerability in the Drupal module Facebook Album Fetcher . The issue arises from printing fields without proper sanitization, allowing remote authenticated users with the "access administration pages" permission to inject arbitrary script/HTML via unspecified ...

3.5CVSS5.4AI score0.00965EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2012/09/18 8:0 p.m.25 views

CVE-2012-1658

Cross-site scripting XSS vulnerability in the Read More Link module 6.x-3.x before 6.x-3.1 for Drupal allows remote authenticated users with the access administration pages permission to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.01064EPSS
Exploits0References7
Rows per page
Query Builder