CVE-2013-0181

Thomas Seidl Search API - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal, when using certain backends and facets, allows remote attackers to inject arbitrary web script or HTML via unspecified input, which is returned in an error message.

References (8)

Scores

EPSS 0.0050
EPSS Percentile 65.8%

Details

CWE
CWE-79
Status published
Products (17)
thomas_seidl/search_api
thomas_seidl/search_api
thomas_seidl/search_api
thomas_seidl/search_api
thomas_seidl/search_api
thomas_seidl/search_api
thomas_seidl/search_api
thomas_seidl/search_api
thomas_seidl/search_api
thomas_seidl/search_api
... and 7 more
Published Mar 27, 2013
Tracked Since Feb 18, 2026