Cross-site scripting (XSS) vulnerability in Views in the Ubercart module 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field.
Max CVSS
4.3
EPSS Score
0.25%
Published
2013-03-27
Updated
2013-07-20
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal allow remote authenticated users with the administer product classes permission to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.09%
Published
2012-08-14
Updated
2012-08-15
2 vulnerabilities found