Erik Webb » Password Policy : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in password_policy.admin.inc in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote authenticated users with administer policies permissions to inject arbitrary web script or HTML via the name parameter.
Max CVSS
2.1
EPSS Score
0.13%
Published
2012-09-20
Updated
2012-09-20
1 vulnerabilities found