Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x prior to 7.29 allows remote malicious users to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal 7.0 |
||
drupal drupal 7.10 |
||
drupal drupal 7.11 |
||
drupal drupal 7.12 |
||
drupal drupal 7.13 |
||
drupal drupal 7.26 |
||
drupal drupal 7.27 |
||
drupal drupal 7.3 |
||
drupal drupal 7.4 |
||
drupal drupal 7.19 |
||
drupal drupal 7.2 |
||
drupal drupal 7.20 |
||
drupal drupal 7.21 |
||
drupal drupal 7.9 |
||
drupal drupal 7.x-dev |
||
drupal drupal 7.1 |
||
drupal drupal 7.14 |
||
drupal drupal 7.16 |
||
drupal drupal 7.18 |
||
drupal drupal 7.22 |
||
drupal drupal 7.24 |
||
drupal drupal 7.6 |
||
drupal drupal 7.8 |
||
drupal drupal 7.28 |
||
drupal drupal 7.15 |
||
drupal drupal 7.17 |
||
drupal drupal 7.23 |
||
drupal drupal 7.25 |
||
drupal drupal 7.5 |
||
drupal drupal 7.7 |