CVE-2012-6583

Imagemenu - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Imagemenu module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer imagemenu" permission to inject arbitrary web script or HTML via an image file name.

References (6)

Scores

EPSS 0.0034
EPSS Percentile 56.0%

Details

CWE
CWE-79
Status published
Products (11)
imagemenu_project/imagemenu
imagemenu_project/imagemenu
imagemenu_project/imagemenu
imagemenu_project/imagemenu
imagemenu_project/imagemenu
imagemenu_project/imagemenu
imagemenu_project/imagemenu
imagemenu_project/imagemenu
imagemenu_project/imagemenu
imagemenu_project/imagemenu
... and 1 more
Published Aug 23, 2013
Tracked Since Feb 18, 2026