CVE-2012-1657 in Block Classinformation

Résumé

par MITRE

Cross-site scripting (XSS) vulnerability in block_class.module in the Block Class module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the class name.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Réserver

12/03/2012

Divulgation

18/09/2012

Modérer

accepté

Entrée

VDB-62327

CPE

prêt

EPSS

0.01607

KEV

non

Activités

très faible

Sources

Want to know what is going to be exploited?

We predict KEV entries!