MidnightBSD

Advisories for mathew_winstone

CVE-2012-2717 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the Mobile Tools module 6.x-2.x before 6.x-2.3 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) Mobile URL field or (2) Desktop URL field to the General configuration page, or the (3) message to the Mobile Tools block message options.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mathew_winstone mobile_tools 6.x-2.x
mathew_winstone mobile_tools 6.x-2.0
mathew_winstone mobile_tools 6.x-2.1
mathew_winstone mobile_tools 6.x-2.2