John Albin » ZEN : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in the Zen module 6.x-1.x before 6.x-1.1 for Drupal, when "Append the content title to the end of the breadcrumb" is enabled, allows remote attackers to inject arbitrary web script or HTML via the content title in a breadcrumb.
Max CVSS
2.6
EPSS Score
0.25%
Published
2012-06-27
Updated
2017-08-29
1 vulnerabilities found