Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x prior to 6.x-1.0-beta3 and 7.x-1.x prior to 7.x-1.1 for Drupal allows remote malicious users to inject arbitrary web script or HTML via the atom title, a different vector than CVE-2013-4174.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ows scald 6.x-1.x |
||
ows scald 7.x-1.0 |
||
ows scald 6.x-1.0 |