Vulnerabilities > Video Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-04-21 | CVE-2015-3362 | Cross-site Scripting vulnerability in Video Project Video 7.X2.10 Cross-site scripting (XSS) vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title. | 3.5 |
2013-03-19 | CVE-2013-0224 | Configuration vulnerability in Video Project Video The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFmpeg transcoder, allows local users to execute arbitrary PHP code by modifying a temporary PHP file. | 4.4 |