exploitDog

GHSA-42mr-w3cr-f7h3

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in the Menu module (modules/menu/menu.admin.inc) in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu administration overview.

Cross-site scripting (XSS) vulnerability in the Menu module (modules/menu/menu.admin.inc) in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu administration overview.

Ссылки

EPSS

Процентиль: 37%

0.00156

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2009-4370

ubuntu

больше 15 лет назад

Cross-site scripting (XSS) vulnerability in the Menu module (modules/menu/menu.admin.inc) in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu administration overview.

CVE-2009-4370

nvd

больше 15 лет назад

Cross-site scripting (XSS) vulnerability in the Menu module (modules/menu/menu.admin.inc) in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu administration overview.

CVE-2009-4370

debian

больше 15 лет назад

Cross-site scripting (XSS) vulnerability in the Menu module (modules/m ...

EPSS

Процентиль: 37%

0.00156

Низкий

CVE ID

Дефекты

CWE-79