CVE-2011-2714

CVE-2011-2714

EPSS 1.2%

A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.

Produtos afetados

Drupal · Data-module

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://seclists.org/fulldisclosure/2011/Feb/219 https://www.drupal.org/node/1056470 https://www.openwall.com/lists/oss-security/2011/07/26/8