Aggregates CVE and security vulnerability intelligence across all kristof_de_jaeger-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk cross-site scripting; exposure may include vendor impact session compromise in vendor surface software deployment and vendor surface production workloads contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2013-2177 | Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via an entity bundle label. | [email protected] | 4.3 | 1.16% | 2013-06-25 | 2026-06-16 |
| CVE-2012-2073 | The Bundle copy module 7.x-1.x before 7.x-1.1 for Drupal does not check for the "use PHP for settings" permission while importing settings, which allows remote authenticated users with certain permissions to execute arbitrary PHP code via unspecified vectors. | [email protected] | 6.0 | 1.82% | 2012-08-14 | 2026-06-16 |
| CVE-2009-4520 | The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomplete path. | [email protected] | 5.0 | 1.24% | 2009-12-31 | 2026-06-16 |