Description

Cross-site scripting (XSS) vulnerability in the Color module in Drupal 7.x before 7.24 allows remote attackers to inject arbitrary web script or HTML via vectors related to CSS.

Remediation

References

CVE-2013-6388

Related Vulnerabilities

MySQL CVE-2022-21479 Vulnerability (CVE-2022-21479)

Internet Information Services Other Vulnerability (CVE-2002-1694)

MySQL CVE-2018-3251 Vulnerability (CVE-2018-3251)

WordPress Plugin Comment Extra Fields 'cef-upload.php' Arbitrary File Upload (1.7)

Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.14)

Severity

Medium

Classification

CVE-2013-6388 CWE-707

Tags

Missing Update Known Vulnerabilities