PT-2015-6210 · Drupal · Facebook Album Fetcher+1
Pere Orga
·
Publicado
2015-04-21
·
Atualizado
2017-09-08
·
CVE-2015-3390
CVSS v2.0
3.5
Baixa
| Vetor | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Drupal (affected versions not specified)
Description
A cross-site scripting (XSS) issue exists in the Facebook Album Fetcher module, allowing remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Drupal
Facebook Album Fetcher