2 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in the ticketyboo News Ticker module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en el módulo newsticker ticketyboo para Drupal permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://drupal.org/node/1482126 http://www.openwall.com/lists/oss-security/2012/04/07/1 http://www.securityfocus.com/bid/52502 https://exchange.xforce.ibmcloud.com/vulnerabilities/74056 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Multiple unspecified vulnerabilities in the Node2Node module for Drupal have unknown impact and attack vectors. Múltiples vulnerabilidades sin especificar en el módulo Node2Node para Drupal con un impacto y vectores de ataque desconocidos. • http://drupal.org/node/572852 http://www.securityfocus.com/bid/36323 •