Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4.x before 6.x-4.0-beta8 for Drupal allows remote attackers with administer messaging permissions to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.6
EPSS Score
0.25%
Published
2011-02-23
Updated
2017-08-17
1 vulnerabilities found