Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:30195
HistoryApr 29, 2021 - 12:06 a.m.

Cross-Site Scripting (XSS)

2021-04-2900:06:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
cross-site scripting
drupal
remote attacker
arbitrary javascript
browser execution
software

EPSS

0.001

Percentile

24.4%

drupal is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary Javascript in a user’s browser via the attribute_name parameter.