Lucene search
Veracode Vulnerability DatabaseVERACODE:6280HistoryMay 11, 2018 - 9:03 a.m.
Cross-site Scripting (XSS)
2018-05-1109:03:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.002 Low
EPSS
Percentile
51.7%
drupal/drupal is vulnerable to cross-site scripting (XSS) attacks. The checkPlain function doesn’t properly sanitize escape characters, allowing a malicious user to inject and execute arbitrary Javascript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| drupal/drupal | le | 8.4.4 | |
| drupal/core | le | 8.4.4 |
References
Related
ubuntucve
ubuntucve
CVE-2017-6927
2018-03-01 00:00:00
friendsofphp
friendsofphp
JavaScript cross-site scripting prevention is incomplete.
2018-02-20 21:35:13
JavaScript cross-site scripting prevention is incomplete.
2018-02-20 21:35:13
debiancve
debiancve
CVE-2017-6927
2018-03-01 23:29:00
nvd
nvd
CVE-2017-6927
2018-03-01 23:29:00
cve
cve
CVE-2017-6927
2018-03-01 23:29:00
cvelist
cvelist
CVE-2017-6927
2018-02-21 00:00:00
osv
osv
CVE-2017-6927
2018-03-01 23:29:00
Drupal cross-site scripting vulnerability
2022-05-14 03:35:58
drupal7 - security update
2018-02-24 00:00:00
prion
prion
Cross site scripting
2018-03-01 23:29:00
github
github
Drupal cross-site scripting vulnerability
2022-05-14 03:35:58
debian
debian
[SECURITY] [DLA 1295-1] drupal7 security update
2018-02-28 15:16:47
nessus
nessus
Debian DSA-4123-1 : drupal7 - security update
2018-02-26 00:00:00
Drupal 7.x < 7.57 Multiple Vulnerabilities (SA-CORE-2018-001)
2018-03-01 00:00:00
Drupal 8.5.x < 8.5.0-rc1 Multiple Vulnerabilities
2018-11-05 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4123-1)
2018-02-23 00:00:00
Debian: Security Advisory (DLA-1295-1)
2018-03-26 00:00:00
Fedora Update for drupal7 FEDORA-2018-b9ad458866
2018-05-12 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: drupal7-7.58-1.fc27
2018-04-10 19:11:10
[SECURITY] Fedora 26 Update: drupal7-7.58-1.fc26
2018-04-10 18:30:33
[SECURITY] Fedora 27 Update: drupal7-7.59-1.fc27
2018-05-10 19:16:35
freebsd
freebsd
drupal -- Drupal Core - Multiple Vulnerabilities
2018-02-21 00:00:00