Vulnerabilities > Wimleers > Hierarchical Select

DATE CVE VULNERABILITY TITLE RISK
2012-09-19 CVE-2012-1652 Cross-Site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via unspecified vectors related to "the vocabulary's help text."
network
high complexity
wim-leers drupal wimleers CWE-79
2.1
2.1
2010-07-13 CVE-2010-2724 Cross-Site Scripting vulnerability in Wimleers Hierarchical Select
Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via unspecified vectors in the hierarchical_select form.
network
high complexity
wimleers drupal CWE-79
2.1
2.1