Description

Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "taxonomy information."

Remediation

References

CVE-2012-2339

Related Vulnerabilities

WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Upload (6.4)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.6)

MySQL CVE-2021-2339 Vulnerability (CVE-2021-2339)

SharePoint CVE-2020-1448 Vulnerability (CVE-2020-1448)

WordPress Plugin CONTUS VBLOG-Video Blogging 'save.php' Arbitrary File Upload (1.0)

Severity

Medium

Classification

CVE-2012-2339 CWE-707

Tags

Missing Update Known Vulnerabilities