Description
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action description, (2) an action message, (3) a node, or (4) a taxonomy term, related to the actions feature and the trigger module.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-0644 Vulnerability (CVE-2016-0644)
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.9)
WordPress 4.3.x Prototype Pollution (4.3 - 4.3.27)
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)
EspoCRM Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-38846)