Description
Multiple cross-site scripting (XSS) vulnerabilities in Drupal before 4.6.11, and 4.7 before 4.7.5, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in the (1) filter and (2) system modules. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gallery PhotoBlocks Cross-Site Scripting (1.1.40)
Drupal Cryptographic Issues Vulnerability (CVE-2013-6386)
MySQL CVE-2018-3161 Vulnerability (CVE-2018-3161)
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7537)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)