CVE-2012-4476

David Alkire Drag & Drop Gallery - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (2)

[Patch, Vendor Advisory] http://drupal.org/node/1679442

[Mailing List] http://www.openwall.com/lists/oss-security/2012/10/04/5

Scores

EPSS 0.0026

EPSS Percentile 49.4%

Details

CWE

CWE-79

Status published

Products (2)

david_alkire/drag_\&_drop_gallery

n/a/n/a

Published Nov 30, 2012

Tracked Since Feb 18, 2026