1 results (0.001 seconds)
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2010-2002
https://notcve.org/view.php?id=CVE-2010-2002
20 May 2010 — Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with "administer words filtered" privileges, to inject arbitrary web script or HTML via the word list. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo Wordfilter v5.x anteriores a v5.x-1.1 y 6.x anteriores v6.x-1.1 para Drupal permite a usuarios autenticados en remoto, con privilegios "administer words filtered", inyectar cód... • http://drupal.org/node/796618 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •