CVE-2012-5553

OM Maximenu <7.x-1.44 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the (1) Menu Title (2) Link Title, (3) Path Query, (4) Anchor, or (5) vocabulary names.

References (5)

Scores

EPSS 0.0026
EPSS Percentile 48.8%

Details

CWE
CWE-79
Status published
Products (50)
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
daniel_honrade/om_maximenu
... and 40 more
Published Dec 03, 2012
Tracked Since Feb 18, 2026