CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2007-5228
https://notcve.org/view.php?id=CVE-2007-5228
05 Oct 2007 — Cross-site scripting (XSS) vulnerability in the subscription functionality in the Project issue tracking module before 4.7.x-1.5, 4.7.x-2.x before 4.7.x-2.5, and 5.x-1.x before 5.x-1.1 for Drupal allows remote authenticated users with project create or edit permissions to inject arbitrary web script or HTML via unspecified vectors involving a (1) individual or (2) overview form. Vulnerabilidad de secuencia de comandos wn sitios cruzados (XSS) en la funcionalidad subscription en el asunto Project siguiendo e... • http://drupal.org/node/180568 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2007-1368
https://notcve.org/view.php?id=CVE-2007-1368
09 Mar 2007 — The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4.7.x-2.3, and 5 before 5.x-0.2-beta for Drupal allows remote authenticated users, with "access project issues" permission, to read the contents of a private node via a URL with a modified node identifier. El módulo Project anterior 4.7.x-1.3, 4.7.x-2.* anterior a 4.7.x-2.3, y 5 anterior 5.x-0.2-beta para Drupal permite a usuarios remotos validados, con permisos "asuntos de acceso a proyecto", leer el contenido de un nodo privado a través ... • http://drupal.org/node/125832 •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2006-6646
https://notcve.org/view.php?id=CVE-2006-6646
20 Dec 2006 — Multiple cross-site scripting (XSS) vulnerabilities in Drupal (1) Project Issue Tracking 4.7.x-1.0 and 4.7.x-2.0, and (2) Project 4.6.x-1.0, 4.7.x-1.0, and 4.7.x-2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, which do not use the check_plain function. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Drupal (1)Project Issue Tracking 4.7.x-1.0 y 4.7.x-2.0 y (2) Project 4.6.x-1.0, 4.7.x-1.0 y 4.7.x-2.0 permite a atacantes remotos la inyección d... • http://drupal.org/node/103943 •