Lucene search
K

4 matches found

CNVD
CNVD
added 2016/07/21 12:0 a.m.3 views

Drupal Node Embed Module Remote Denial of Service Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Node Embed is one of the node modules used to integrate CKEditor's input filters into the content editor and embed them within the body of the article. A remote denial of service...

6.9AI score
Exploits0References1
Drupal
Drupal
added 2015/03/11 12:0 a.m.21 views

SA-CONTRIB-2015-077 - OG tabs - Cross Site Scripting (XSS)

OG Tabs modules provides a secondary menu with links to nodes of the same OG group. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission t...

3.5CVSS6AI score0.00965EPSS
Exploits0References12
Drupal
Drupal
added 2014/05/14 12:0 a.m.12 views

SA-CONTRIB-2014-053 - Field API Tab Editor (FATE) - Access bypass

This module allows each entity field to be individually edited via its own custom page, accessible via a tab on the entity's page. The module returns an incorrect value to hookmenu if the current user does not have access to edit the entity. This allows users who would not normally have access to...

6.8AI score
Exploits0References11
Drupal
Drupal
added 2012/09/19 12:0 a.m.17 views

SA-CONTRIB-2012-143 PRH Search - Cross Site Scripting (XSS)

PRH Search provides an interface to search for association information for Finnish association using the PRH Patentti- ja Rekisterihallitus database. The module fails to sanitize data retrieved from an untrusted third party source, thereby exposing an arbitrary script injection vulnerability XSS...

7.1AI score
Exploits0References9
Rows per page
Query Builder