5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.0%
Cross-site scripting (XSS) vulnerability in the Imagemenu module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the βadminister imagemenuβ permission to inject arbitrary web script or HTML via an image file name.
osvdb.org/85679
secunia.com/advisories/50683
www.securityfocus.com/bid/55610
drupal.org/node/1788726
drupal.org/node/1789260
exchange.xforce.ibmcloud.com/vulnerabilities/78697