Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the subscription functionality in the Project issue tracking module before 4.7.x-1.5, 4.7.x-2.x before 4.7.x-2.5, and 5.x-1.x before 5.x-1.1 for Drupal allows remote authenticated users with project create or edit permissions to inject arbitrary web script or HTML via unspecified vectors involving a (1) individual or (2) overview form.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal的Project issue tracking module 跨站脚本攻击漏洞
Vulnerability Description
Drupal的Project issue tracking module的次脚本函数中存在跨站脚本攻击漏洞,可以创立项目或编辑许可的远程验证用户可以借助包含一个(1) individual或(2) overview组成的未明向量注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A