Cross site scripting

2012-02-1400:55:00

PRIOn knowledge base

www.prio-n.com

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in revisioning_theme.inc in the Taxonomy module in the Revisioning module 6.x-3.13 and other versions before 6.x-3.14 for Drupal allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) tags or (2) term parameters.

CPENameOperatorVersion
revisioningeq6.120.313

CPE	Name	Operator	Version
	revisioning	eq	6.120.313

References

drupalcode.org/project/revisioning.git/commit/768c882

secunia.com/advisories/47931

www.madirish.net/content/drupal-revisioning-6x-313-xss-vulnerability

www.securityfocus.com/bid/51923

drupal.org/node/1431114

drupal.org/node/1433550