Cross-site scripting (XSS) vulnerability in the administrative interface in the Campaign Monitor module before 6.x-2.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this refers to an issue in an independently developed Drupal module, and NOT an issue in the Campaign Monitor software itself (described on the campaignmonitor.com web site).
References
Link | Resource |
---|---|
http://drupal.org/node/1689790 | Patch |
http://drupal.org/node/1691446 | Patch Vendor Advisory |
http://www.openwall.com/lists/oss-security/2012/10/04/6 | |
http://www.openwall.com/lists/oss-security/2012/10/07/1 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2012-10-31T16:00:00
Updated: 2018-06-26T03:57:01
Reserved: 2012-08-21T00:00:00
Link: CVE-2012-4484
JSON object: View
NVD Information
Status : Modified
Published: 2012-10-31T16:55:02.937
Modified: 2018-06-27T01:29:00.247
Link: CVE-2012-4484
JSON object: View
Redhat Information
No data.
CWE