Search...

Drupal Nivo Slider Module模块跨站脚本漏洞

2014-03-25T00:00:00

ID SSV:61908
Type seebug
Reporter Root
Modified 2014-03-25T00:00:00

Description

Bugtraq ID:66327

Drupal是一套开放源码的内容管理平台。

Drupal Nivo Slider模块没有正确过滤图像标题数据，允许远程攻击者利用漏洞注入恶意脚本或HTML代码，当恶意数据被查看时，可获取敏感信息或劫持用户会话。 0 Drupal Nivo Slider Module 7.x Drupal Nivo Slider Module 7.x-1.11已经修复该漏洞，建议用户下载更新： http://drupal.org/project/nivo_slider

JSON Vulners Source

Initial Source

{"href": "https://www.seebug.org/vuldb/ssvid-61908", "status": "details", "history": [], "bulletinFamily": "exploit", "modified": "2014-03-25T00:00:00", "title": "Drupal Nivo Slider Module\u6a21\u5757\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "", "cvelist": [], "description": "Bugtraq ID:66327\r\n\r\nDrupal\u662f\u4e00\u5957\u5f00\u653e\u6e90\u7801\u7684\u5185\u5bb9\u7ba1\u7406\u5e73\u53f0\u3002\r\n\r\nDrupal Nivo Slider\u6a21\u5757\u6ca1\u6709\u6b63\u786e\u8fc7\u6ee4\u56fe\u50cf\u6807\u9898\u6570\u636e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u6ce8\u5165\u6076\u610f\u811a\u672c\u6216HTML\u4ee3\u7801\uff0c\u5f53\u6076\u610f\u6570\u636e\u88ab\u67e5\u770b\u65f6\uff0c\u53ef\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u6216\u52ab\u6301\u7528\u6237\u4f1a\u8bdd\u3002\n0\nDrupal Nivo Slider Module 7.x\nDrupal Nivo Slider Module 7.x-1.11\u5df2\u7ecf\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://drupal.org/project/nivo_slider", "viewCount": 2, "published": "2014-03-25T00:00:00", "sourceData": "", "id": "SSV:61908", "enchantments_done": [], "_object_type": "robots.models.seebug.SeebugBulletin", "type": "seebug", "lastseen": "2017-11-19T17:29:19", "reporter": "Root", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2017-11-19T17:29:19"}, "vulnersScore": 5.0}, "objectVersion": "1.4", "references": []}