1 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0CVE-2009-5096
https://notcve.org/view.php?id=CVE-2009-5096
13 Sep 2011 — Cross-site scripting (XSS) vulnerability in the Flag Content module 5.x-2.x before 5.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via the Reason parameter. Una vulnerabilidad de ejecución de comandos en sitios cruzados(XSS) en el módulo 'Flag Content' v5.x-2.x antes de v5.x-2.10 para Drupal permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro 'Reason'. • http://drupal.org/node/610868 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •