Inline Entity Form
1 CVEs
product
Monthly
Cross-site scripting (XSS) vulnerability in the Inline Entity Form module 7.x-1.x before 7.x-1.6 for Drupal allows remote authenticated users with permission to create or edit fields to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
XSS
Inline Entity Form
NVD
CVSS 2.0
4.3
EPSS
0.4%
EPSS 0%
CVSS 4.3
MEDIUM
PATCH
This Month
Cross-site scripting (XSS) vulnerability in the Inline Entity Form module 7.x-1.x before 7.x-1.6 for Drupal allows remote authenticated users with permission to create or edit fields to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
XSS
Inline Entity Form
NVD