
We found results for “”
CVE-2012-2068
Good to know:
Date: September 4, 2012
Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module before 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permission to inject arbitrary web script or HTML via the (1) node_title or (2) nodequeue_title parameter.
Language: PHP
Severity Score
Severity Score
Weakness Type (CWE)
Cross-Site Scripting (XSS)
CWE-79Top Fix

Upgrade Version
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | |
Access Complexity (AC): | |
Authentication (AU): | |
Confidentiality (C): | LOW |
Integrity (I): | NONE |
Availability (A): | NONE |
Additional information: |