← back
CVE-2013-4229

CVE-2013-4229

EPSS 1.1%
Cross-site scripting (XSS) vulnerability in the Monster Menus module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated users with permissions to add pages to inject arbitrary web script or HTML via a title in the page settings.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://drupalcode.org/project/monster_menus.git/blobdiff/4841dcb4e36bdc74efe4ae2459637029df929940..4adcb6b:/mm_static.inchttps://drupal.org/node/2059789https://drupal.org/node/2059823http://secunia.com/advisories/54391https://exchange.xforce.ibmcloud.com/vulnerabilities/86327http://www.openwall.com/lists/oss-security/2013/08/10/1http://www.securityfocus.com/bid/61710