A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.
2020-01-14T22:15:11.430
2024-11-21T01:28:49.020
Modified
CVSSv3.1: 6.1 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | drupal | data | 6.x-1.0 | Yes |
Application | drupal | drupal | 6.20 | Yes |