Tag1consulting : Security Vulnerabilities, CVEs, CVSS score >= 1
Cross-site scripting (XSS) vulnerability in the Support Timer module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "track time spent" permission to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.11%
Published
2012-09-20
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the Support Ticketing System module 6.x-1.x before 6.x-1.7 for Drupal allows remote authenticated users with the "administer support projects" permission to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.11%
Published
2012-09-20
Updated
2017-08-29
2 vulnerabilities found