1 results (0.001 seconds)

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to nodes posted in an Organic Groups group. Vulnerabilidad de XSS en el módulo OG tabs anterior a 7.x-1.1 para Drupal permite a usuarios remotos autenticados con ciertos permisos inyectar secuencias de comandos web arbitrarios o HTML a través de vectores relacionados con nodos publicados en un grupo Organic Groups. • http://www.openwall.com/lists/oss-security/2015/04/25/6 http://www.securityfocus.com/bid/73054 https://www.drupal.org/node/2404115 https://www.drupal.org/node/2450427 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •