1 results (0.003 seconds)
CVSS: 5.4EPSS: 0%CPEs: 24EXPL: 0
CVSS: 5.4EPSS: 0%CPEs: 24EXPL: 0CVE-2012-0914
https://notcve.org/view.php?id=CVE-2012-0914
24 Jan 2012 — Cross-site scripting (XSS) vulnerability in display_renderers/panels_renderer_editor.class.php in the admin view in the Panels module 6.x-2.x before 6.x-3.10 and 7.x-3.x before 7.x-3.0 for Drupal allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the Region title. Vulnerbilidad de ejecución de secuencias de comandos web en sitios cruzados (XSS) en display_renderers/panels_renderer_editor.class.php en la vista de administración en el módulo Panels v6.x-2.x an... • http://drupal.org/node/1409436 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •