Description
Cross-site scripting (XSS) vulnerability in the Devel module before 5.x-0.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via a site variable, related to lack of escaping of the variable table.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gwolle Guestbook Remote File Inclusion (1.5.3)
WordPress Plugin Shoppable Images Multiple Vulnerabilities (1.2.3)
WordPress Plugin HD Quiz Cross-Site Scripting (1.8.3)
SharePoint Improper Input Validation Vulnerability (CVE-2019-1257)
WordPress Plugin Flow-Flow Social Stream Unspecified Vulnerability (3.0.71)