Description
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.
Remediation
References
Related Vulnerabilities
OpenVPN AS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9104)
WordPress Plugin Ultimate Addons for Beaver Builder Cross-Site Scripting (1.24.3)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.0.05)
Apache HTTP Server Use After Free Vulnerability (CVE-2019-0196)
PrestaShop Improper Authentication Vulnerability (CVE-2021-21308)