CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Danielb: >> Cool Aid >> 6.x-1.3 Security Vulnerabilities

CVE-2012-1648

Cross-site scripting (XSS) vulnerability in the Cool Aid module before 6.x-1.9 for Drupal allows remote authenticated users with the administer coolaid permission to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

2.1

EPSS Score

0.003

Published

2012-09-09

CVE-2012-1649

Cool Aid module before 6.x-1.9 for Drupal does not enforce access restrictions, which allows remote authenticated users with the administer coolaid permission to modify arbitrary pages via unspecified vectors.

CVSS Score

4.9

EPSS Score

0.008

Published

2012-09-09

Page 1

Vulnerabilities

Vulnerable Software

Danielb: >> Cool Aid >> 6.x-1.3 Security Vulnerabilities

Products

Pricing

Contact Us