Cross-site scripting (XSS) vulnerability in the Control Panel module 5.x through 5.x-1.5 and 6.x through 6.x-1.2 for Drupal allows remote authenticated users, with "administer blocks" privileges, to inject arbitrary web script or HTML via unspecified vectors.
Software | From | Fixed in |
---|---|---|
hashmarkconsulting / controlpanel | 5.x-1.1 | 5.x-1.1.x |
hashmarkconsulting / controlpanel | 5.x-1.2 | 5.x-1.2.x |
hashmarkconsulting / controlpanel | 5.x-1.3 | 5.x-1.3.x |
hashmarkconsulting / controlpanel | 5.x-1.4 | 5.x-1.4.x |
hashmarkconsulting / controlpanel | 5.x-1.5 | 5.x-1.5.x |
hashmarkconsulting / controlpanel | 6.x-1.0-beta1 | 6.x-1.0-beta1.x |
hashmarkconsulting / controlpanel | 6.x-1.0-beta2 | 6.x-1.0-beta2.x |
hashmarkconsulting / controlpanel | 6.x-1.1 | 6.x-1.1.x |
hashmarkconsulting / controlpanel | 6.x-1.2 | 6.x-1.2.x |