Description

Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and 7.x before 7.19, when running with older versions of jQuery that are vulnerable to CVE-2011-4969, allows remote attackers to inject arbitrary web script or HTML via vectors involving unspecified Javascript functions that are used to select DOM elements.

Remediation

References

CVE-2013-0244

Related Vulnerabilities

WordPress Plugin Simple 301 Redirects by BetterLinks Unspecified Vulnerability (1.06)

WordPress Plugin Backlink Rechecker Multiple Cross-Site Scripting Vulnerabilities (1.2.1)

axios Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-1214)

WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress Multiple Vulnerabilities (2.7.5)

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)

Severity

Low

Classification

CVE-2013-0244 CWE-707

Tags

Missing Update Known Vulnerabilities