RSS   Podatności dla 'Taxonomy manager'   RSS

2013-03-27
 
CVE-2013-0320

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in the Taxonomy Manager (taxonomy_manager) module 6.x-2.x before 6.x-2.2 and 7.x-1.x before 7.x-1.0-rc1 for Drupal allows remote attackers to hijack the authentication of users with 'administer taxonomy' permissions via unspecified vectors.

 
2009-06-16
 
CVE-2009-2083

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the term data detail page in Taxonomy manager 5.x before 5.x-1.2, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to inject arbitrary web script or HTML via "Parent and related terms."

 


Copyright 2024, cxsecurity.com

 

Back to Top