Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the theme_views_bulk_operations_confirmation function in views_bulk_operations.module in Views Bulk Operations 5.x before 5.x-1.3 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to node titles. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Views Bulk Operations模块脚本注入漏洞
Vulnerability Description
Views Bulk Operations是Drupal中所使用的用于在节点更改视图的第三方模块。 Views Bulk Operations模块的theme_views_bulk_operations_confirmation()函数没有正确地处理节点标题。如果用户受骗查看了恶意的节点标题的话,就会导致在用户浏览器会话中注入并执行任意HTML和脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A