Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-fp3q-mvf3-ggq3

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 5.4

Описание

Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.

Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.

Ссылки

EPSS

Процентиль: 44%
0.00221
Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2016-3144

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2016-3144

CVSS3: 5.4
nvd
почти 10 лет назад

Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.

EPSS

Процентиль: 44%
0.00221
Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2016-3144

Дефекты

CWE-79