Cross-site scripting (XSS) vulnerability in the Social Stats module before 7.x-1.5 for Drupal allows remote authenticated users with the "[Content Type]: Create new content" permission to inject arbitrary web script or HTML via vectors related to the configuration.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-08-25T16:00:00
Updated: 2024-08-06T11:48:49.498Z
Reserved: 2014-08-25T00:00:00
Link: CVE-2014-5456
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-08-25T16:55:05.650
Modified: 2015-08-06T16:28:04.287
Link: CVE-2014-5456
Redhat
No data.