Vulnerabilities > Date Project > Date > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-20 | CVE-2014-5169 | Cross-Site Scripting vulnerability in Date Project Date 7.X2.7 Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HTML via the date field title. | 3.5 |