CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2012-6574
https://notcve.org/view.php?id=CVE-2012-6574
Cross-site scripting (XSS) vulnerability in the Fonecta verify module 7.x-1.x before 7.x-1.6 for Drupal allows remote attackers from certain sources to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en el módulo Fonecta verify 7.x-1.x anterior a 7.x-1.6 para Drupal, lo que permite a atacantes remotos desde diferentes orígenes inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • http://www.securityfocus.com/bid/55614 https://drupal.org/node/1778782 https://drupal.org/node/1789258 https://exchange.xforce.ibmcloud.com/vulnerabilities/78699 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •