Vulnerabilities > Wimleers > Hierarchical Select > 6.x.3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-19 | CVE-2012-1652 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via unspecified vectors related to "the vocabulary's help text." | 2.1 |
2010-07-13 | CVE-2010-2724 | Cross-Site Scripting vulnerability in Wimleers Hierarchical Select Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via unspecified vectors in the hierarchical_select form. | 2.1 |