Skip to main content

Date

2 CVEs product

Monthly

CVE-2014-5169 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Date
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2012-1626 MEDIUM PATCH This Month

SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

SQLi Date
NVD
CVSS 2.0
6.0
EPSS
0.6%
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Date
NVD
EPSS 1% CVSS 6.0
MEDIUM PATCH This Month

SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

SQLi Date
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy