CVE-2011-1066

Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4.x before 6.x-4.0-beta8 for Drupal allows remote attackers with administer messaging permissions to inject arbitrary web script or HTML via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:reyero:messaging:6.x-4.x:beta1:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-4.x:beta3:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-2.0:*:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-2.1:*:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-4.x:beta7:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-4.x:beta4:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-4.x:beta5:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-4.x:beta6:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-2.2:*:*:*:*:*:*:*
cpe:2.3:a:reyero:messaging:6.x-2.3:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

Information

Published : 2011-02-22 17:00

Updated : 2017-08-16 18:33


NVD link : CVE-2011-1066

Mitre link : CVE-2011-1066


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

drupal

  • drupal

reyero

  • messaging