This page lists publicly disclosed CVE vulnerabilities affecting drupal data (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2011-2715 | An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names. | [email protected] | 9.8 | 1.06% | 2020-01-14 | 2024-11-21 |
| CVE-2011-2714 | A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display. | [email protected] | 6.1 | 1.20% | 2020-01-14 | 2024-11-21 |