Vulnerabilities > Drupal > Data

DATE CVE VULNERABILITY TITLE RISK
2020-01-14 CVE-2011-2715 SQL Injection vulnerability in Drupal Data and Drupal
An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.
network
low complexity
drupal CWE-89
7.5
2020-01-14 CVE-2011-2714 Cross-site Scripting vulnerability in Drupal Data and Drupal
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.
network
drupal CWE-79
4.3