1 results (0.022 seconds)

CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0

Cross-site scripting (XSS) vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script or HTML via a rule tag. Vulnerabilidad XSS en el módulo Rules 7.x-2.x anterior a 7.x-2.3 para Drupal, permite a usuarios autenticados remotamente con los permisos "administrator rules" inyectar secuencias de comandos web o HTML de su elección a través de una etiqueta "rule". • http://secunia.com/advisories/52768 https://drupal.org/node/1954508 https://drupal.org/node/1954592 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •