MidnightBSD

Advisories for freelance-it-consultant

CVE-2013-7064 LOW

Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated administrators with the "Administer EU Cookie Compliance popup" permission to inject arbitrary web script or HTML via unspecified configuration values.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
freelance-it-consultant eu_cookie_compliance 7.x-1.0
freelance-it-consultant eu_cookie_compliance 7.x-1.2
freelance-it-consultant eu_cookie_compliance 7.x-1.7
freelance-it-consultant eu_cookie_compliance 7.x-1.x
freelance-it-consultant eu_cookie_compliance 7.x-1.1
freelance-it-consultant eu_cookie_compliance 7.x-1.10
freelance-it-consultant eu_cookie_compliance 7.x-1.8
freelance-it-consultant eu_cookie_compliance *
freelance-it-consultant eu_cookie_compliance 7.x-1.9
freelance-it-consultant eu_cookie_compliance 7.x-1.6
CVE-2025-48917

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal EU Cookie Compliance (GDPR Compliance) allows Cross-Site Scripting (XSS).This issue affects EU Cookie Compliance (GDPR Compliance): from 0.0.0 before 1.26.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.0 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L 1.6 3.4

Products Affected

Vendor Product Version
freelance-it-consultant eu_cookie_compliance *