CVE-2012-0914

Cross-site scripting (XSS) vulnerability in display_renderers/panels_renderer_editor.class.php in the admin view in the Panels module 6.x-2.x before 6.x-3.10 and 7.x-3.x before 7.x-3.0 for Drupal allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the Region title.
Cross-site Scripting
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:N/I:P/A:N
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.0
earl_milespanels
6.x-3.1
earl_milespanels
6.x-3.2
earl_milespanels
6.x-3.3
earl_milespanels
6.x-3.4
earl_milespanels
6.x-3.5
earl_milespanels
6.x-3.7
earl_milespanels
6.x-3.8
earl_milespanels
6.x-3.9
earl_milespanels
6.x-3.x
earl_milespanels
7.x-3.0
earl_milespanels
7.x-3.0
earl_milespanels
7.x-3.0
earl_milespanels
7.x-3.x
𝑥
= Vulnerable software versions