Views@6.x-2.x Security Vulnerabilities and Issues — Views@6.x-2.x CVE List

Lucene search

Earl MilesViews6.x-2.x

4 matches found

CVE•added 2010/12/23 6:0 p.m.•40 views

CVE-2010-4521

Cross-site scripting (XSS) vulnerability in the Views module 6.x before 6.x-2.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via a page path.

4.3CVSS5.7AI score0.00281EPSS

CVE•added 2010/12/23 6:0 p.m.•38 views

CVE-2010-4520

Multiple cross-site scripting (XSS) vulnerabilities in the Views module 6.x before 6.x-2.11 for Drupal allow remote attackers to inject arbitrary web script or HTML via (1) a URL or (2) an aggregator feed title.

4.3CVSS5.9AI score0.00231EPSS

CVE•added 2012/02/17 11:55 p.m.•38 views

CVE-2011-4113

SQL injection vulnerability in the Views module before 6.x-2.13 for Drupal allows remote attackers to execute arbitrary SQL commands via vectors related to "filters/arguments on certain types of views with specific configurations of arguments."

7.5CVSS8.6AI score0.01276EPSS

CVE•added 2010/12/23 6:0 p.m.•35 views

CVE-2010-4519

Multiple cross-site request forgery (CSRF) vulnerabilities in the Views UI implementation in the Views module 5.x before 5.x-1.8 and 6.x before 6.x-2.11 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable all Views or (2) disable all Views.

6.8CVSS7.5AI score0.00098EPSS