Vulnerability Details CVE-2006-6647
Cross-site scripting (XSS) vulnerability in the MySite 4.7.x before 4.7.x-3.3 and 5.x before 5.x-1.3 module for Drupal allows remote attackers to inject arbitrary web script or HTML via the Title field when editing a page. NOTE: some details were obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.5%
CVSS Severity
CVSS v2 Score 6.8
Products affected by CVE-2006-6647
-
cpe:2.3:a:drupal:drupal_mysite:4.7
-
cpe:2.3:a:drupal:drupal_mysite:5