Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Organic Groups (OG) 5.x-7.x before 5.x-7.4, 5.x-8.x before 5.x-8.1, and 6.x-1.x before 6.x-1.4, a module for Drupal, allows remote authenticated users, with create or edit group nodes permissions, to inject arbitrary web script or HTML via the User-Agent HTTP header, a different issue than CVE-2008-3095.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Organic Groups跨站脚本攻击漏洞
Vulnerability Description
Drupal Organic Groups (OG) 5.x-7.x5.x-7.4版本之前的5.x-7.x版本, 5.x-8.1版本之前的版本5.x-8.x,以及6.x-1.4版本之前的6.x-1.x版本中存在跨站脚本攻击漏洞。 具有创建或编辑群组节点许可的远程验证用户可以借助User-Agent HTTP页眉,注入任意web或HTML。
CVSS Information
N/A
Vulnerability Type
N/A