exploitDog

GHSA-cg2x-449f-pwgw

Опубликовано: 05 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal, when using certain backends and facets, allows remote attackers to inject arbitrary web script or HTML via unspecified input, which is returned in an error message.

Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal, when using certain backends and facets, allows remote attackers to inject arbitrary web script or HTML via unspecified input, which is returned in an error message.

Ссылки

EPSS

Процентиль: 65%

0.00503

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2013-0181

nvd

около 12 лет назад

Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal, when using certain backends and facets, allows remote attackers to inject arbitrary web script or HTML via unspecified input, which is returned in an error message.

EPSS

Процентиль: 65%

0.00503

Низкий

CVE ID

Дефекты

CWE-79