Cross site scripting

2012-09-0500:55:00

PRIOn knowledge base

www.prio-n.com

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.3%

JSON

Cross-site scripting (XSS) vulnerability in the Language Icons module 6.x-2.x before 6.x-2.1 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with administer languages permissions to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
languageiconseq6.x-2.0 rc2
languageiconseq6.x-2.0 rc1
languageiconseq6.120.20
languageiconseq6.x-2.0 alpha1
languageiconseq6.x-2.1 rc1
languageiconseq6.x-2.x dev
languageiconseq7.x-1.0 alpha1
languageiconseq7.x-1.0 rc1
languageiconseq7.x-1.0 beta1
languageiconseq7.x-1.x dev

Name	Operator	Version
languageicons	eq	6.x-2.0 rc2
languageicons	eq	6.x-2.0 rc1
languageicons	eq	6.120.20
languageicons	eq	6.x-2.0 alpha1
languageicons	eq	6.x-2.1 rc1
languageicons	eq	6.x-2.x dev
languageicons	eq	7.x-1.0 alpha1
languageicons	eq	7.x-1.0 rc1
languageicons	eq	7.x-1.0 beta1
languageicons	eq	7.x-1.x dev