CVE-2011-1066
23.02.2011, 01:00
Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4.x before 6.x-4.0-beta8 for Drupal allows remote attackers with administer messaging permissions to inject arbitrary web script or HTML via unspecified vectors.
Vendor | Product | Version |
---|---|---|
reyero | messaging | 6.x-2.0:x |
reyero | messaging | 6.x-2.1:x |
reyero | messaging | 6.x-2.2:x |
reyero | messaging | 6.x-2.3:x |
reyero | messaging | 6.x-4.x:x |
reyero | messaging | 6.x-4.x:x |
reyero | messaging | 6.x-4.x:x |
reyero | messaging | 6.x-4.x:x |
reyero | messaging | 6.x-4.x:x |
reyero | messaging | 6.x-4.x:x |
𝑥
= Vulnerable software versions
References