Description

Cross-site scripting (XSS) vulnerability in the Devel module before 5.x-0.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via a site variable, related to lack of escaping of the variable table.

Remediation

References

CVE-2008-0276

Related Vulnerabilities

MySQL CVE-2018-3064 Vulnerability (CVE-2018-3064)

WordPress Plugin Clean Login Unspecified Vulnerability (1.8)

MySQL CVE-2023-22112 Vulnerability (CVE-2023-22112)

IBM RTC Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1753)

Dolibarr Improper Input Validation Vulnerability (CVE-2013-2093)

Severity

Medium

Classification

CVE-2008-0276 CWE-707

Tags

Missing Update Known Vulnerabilities