CVE-2013-4140
Drupalisme Tinybox < 7.x-2.1 - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in the TinyBox (Simple Splash) module before 7.x-2.2 for Drupal allows remote authenticated users with the "administer tinybox" permission to inject arbitrary web script or HTML via unspecified vectors.
References (8)
Scores
EPSS
0.0035
EPSS Percentile
57.5%
Details
CWE
CWE-79
Status
published
Products (11)
drupalisme/tinybox
< 7.x-2.1
drupalisme/tinybox
drupalisme/tinybox
drupalisme/tinybox
drupalisme/tinybox
drupalisme/tinybox
drupalisme/tinybox
drupalisme/tinybox
drupalisme/tinybox
drupalisme/tinybox
... and 1 more
Published
Jul 29, 2013
Tracked Since
Feb 18, 2026