MidnightBSD

Advisories for nancy_wichmann

CVE-2012-2339 MEDIUM

Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "taxonomy information."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
drupal drupal *
nancy_wichmann glossary 6.x-1.3
nancy_wichmann glossary 6.x-1.0
nancy_wichmann glossary 6.x-1.4
nancy_wichmann glossary 6.x-1.1
nancy_wichmann glossary 6.x-1.5
nancy_wichmann glossary 6.x-1.6
nancy_wichmann glossary 6.x-1.2
CVE-2012-2711 LOW

Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy List module 6.x-1.x before 6.x-1.4 for Drupal allow remote authenticated users with create or edit taxonomy terms permissions to inject arbitrary web script or HTML via vectors related to taxonomy information.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
nancy_wichmann taxonomy_list 6.x-1.1
nancy_wichmann taxonomy_list 6.x-1.x-dev
nancy_wichmann taxonomy_list 6.x-1.0-beta1
nancy_wichmann taxonomy_list 6.x-1.0
nancy_wichmann taxonomy_list 6.x-1.2
nancy_wichmann taxonomy_list 6.x-1.3