mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-04 13:58:07 +02:00
0xMarcio
1.0 KiB
1.0 KiB
CVE-2013-1393
Description
Cross-site scripting (XSS) vulnerability in the CurvyCorners module 6.x-1.x and 7.x-1.x for Drupal allows remote authenticated users with the "administer curvycorners" permission to inject arbitrary web script or HTML via unspecified vectors.
POC
Reference
- http://packetstormsecurity.com/files/119766/Drupal-CurvyCorners-6.x-7.x-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/119766/Drupal-CurvyCorners-6.x-7.x-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/119814/CurvyCorners-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/119814/CurvyCorners-Cross-Site-Scripting.html
Github
No PoCs found on GitHub currently.