exploitDog

GHSA-7p6w-2mrq-wqmv

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for Drupal allows remote authenticated users, with certain content-creation privileges, to inject arbitrary web script or HTML via the Title field, probably a different vulnerability than CVE-2009-3479.

Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for Drupal allows remote authenticated users, with certain content-creation privileges, to inject arbitrary web script or HTML via the Title field, probably a different vulnerability than CVE-2009-3479.

Ссылки

EPSS

Процентиль: 45%

0.00226

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2009-3488

nvd

больше 15 лет назад

Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for Drupal allows remote authenticated users, with certain content-creation privileges, to inject arbitrary web script or HTML via the Title field, probably a different vulnerability than CVE-2009-3479.

EPSS

Процентиль: 45%

0.00226

Низкий

CVE ID

Дефекты

CWE-79