Description
Multiple cross-site scripting (XSS) vulnerabilities in Drupal before 4.6.11, and 4.7 before 4.7.5, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in the (1) filter and (2) system modules. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-2452 Vulnerability (CVE-2013-2452)
MySQL CVE-2022-21327 Vulnerability (CVE-2022-21327)
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5475)
WordPress Plugin Register IPs Unspecified Vulnerability (1.8.0)
Apache Traffic Server CVE-2014-3525 Vulnerability (CVE-2014-3525)