13 matches found
CVE-2026-31354
Multiple authenticated stored cross-site scripting XSS vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...
GHSA-XQM9-6QMM-XRQH Feehi CMS has authenticated stored cross-site scripting (XSS) vulnerabilities via the Permissions module
Multiple authenticated stored cross-site scripting XSS vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...
EUVD-2026-19344
Multiple authenticated stored cross-site scripting XSS vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...
Feehi CMS has authenticated stored cross-site scripting (XSS) vulnerabilities via the Permissions module
Multiple authenticated stored cross-site scripting XSS vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...
Cross-site Scripting (XSS)
Overview feehi/cms is a Feehi CMS project template. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Group, Category, or Description parameters in the Permissions module. An attacker can execute arbitrary web scripts or HTML by injecting crafted payloads into...
CVE-2026-31354
Multiple authenticated stored cross-site scripting XSS vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...
CVE-2026-31354
Feehi CMS v2.1.1 has multiple authenticated stored XSS in the Permissions module. The vulnerability arises from accepting crafted payloads in the Group, Category, or Description parameters, allowing execution of arbitrary web scripts/HTML by authenticated users who view affected content. The prov...
CVE-2026-31354
Multiple authenticated stored cross-site scripting XSS vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...
CVE-2012-1643
The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does not check the "administer permissions" permission, which allows remote attackers to modify access permissions via unspecified vectors...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Resource and Permissions module of the admin console. A privileged user can inject scripts during the creation of a permission. Details Cross-site scripting or XSS is a code vulnerability that occurs when...
PT-2025-2097 · Drupal · Drupal
Name of the Vulnerable Software and Affected Versions: Drupal Block permissions versions 1.0.0 through 1.2.0 Description: The issue is related to an incorrect authorization mechanism in the Block permissions module of the Drupal CMS system. This can allow a remote attacker to impact the...
CVE-2012-1643
The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does not check the "administer permissions" permission, which allows remote attackers to modify access permissions via unspecified vectors...
Fedora Update for drupal7-field_permissions FEDORA-2012-1390
Check for the Version of drupal7-fieldpermissions OpenVAS Vulnerability Test Fedora Update for drupal7-fieldpermissions FEDORA-2012-1390 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribut...