Cross-site scripting (XSS) vulnerability in the User Relationships module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.0-alpha5 for Drupal allows remote authenticated users with the "administer. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.
XSS
User Relationships
NVD
CVSS 2.0
2.1
EPSS
0.3%
Cross-site scripting (XSS) vulnerability in the Search API Sorts module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain roles to inject arbitrary web script or HTML. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.
XSS
Search Api Sorts
NVD
CVSS 2.0
2.1
EPSS
0.2%