Date
Monthly
Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.
Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.