Description
Cross-site scripting (XSS) vulnerability in the Autocomplete system in Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to uploading files.
Remediation
References
Related Vulnerabilities
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)
WordPress Plugin Job Manager Cross-Site Scripting (0.7.22)
WordPress Plugin Thrive Clever Widgets Security Bypass (1.56)
MySQL CVE-2022-21372 Vulnerability (CVE-2022-21372)
WordPress Plugin Advanced Access Manager Arbitrary Code Execution (2.8.2)