What is the severity of CVE-2011-1066?

CVE-2011-1066 has been classified as a moderate severity vulnerability due to its potential for XSS attacks.

How do I fix CVE-2011-1066?

To fix CVE-2011-1066, upgrade the Reyero Messaging module to version 6.x-2.4 or 6.x-4.0-beta8 or later.

Who is affected by CVE-2011-1066?

CVE-2011-1066 affects users of the Reyero Messaging module versions 6.x-2.0 through 6.x-2.3 and 6.x-4.x before beta8.

What type of vulnerability is CVE-2011-1066?

CVE-2011-1066 is classified as a Cross-site Scripting (XSS) vulnerability.

Can CVE-2011-1066 be exploited remotely?

Yes, CVE-2011-1066 can be exploited remotely by attackers with administer messaging permissions.

Vulnerability/
CVE-2011-1066

low

2.6

CWE

22/2/2011

6/8/2024

CVE-2011-1066: XSS

First published: Tue Feb 22 2011(Updated: )

Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4.x before 6.x-4.0-beta8 for Drupal allows remote attackers with administer messaging permissions to inject arbitrary web script or HTML via unspecified vectors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Reyero Messaging	=6.x-2.0
Reyero Messaging	=6.x-2.1
Reyero Messaging	=6.x-2.2
Reyero Messaging	=6.x-2.3
Reyero Messaging	=6.x-4.x-beta1
Reyero Messaging	=6.x-4.x-beta3
Reyero Messaging	=6.x-4.x-beta4
Reyero Messaging	=6.x-4.x-beta5
Reyero Messaging	=6.x-4.x-beta6
Reyero Messaging	=6.x-4.x-beta7
Drupal

Remedy

http://drupal.org/node/1064024

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1066?
CVE-2011-1066 has been classified as a moderate severity vulnerability due to its potential for XSS attacks.
How do I fix CVE-2011-1066?
To fix CVE-2011-1066, upgrade the Reyero Messaging module to version 6.x-2.4 or 6.x-4.0-beta8 or later.
Who is affected by CVE-2011-1066?
CVE-2011-1066 affects users of the Reyero Messaging module versions 6.x-2.0 through 6.x-2.3 and 6.x-4.x before beta8.
What type of vulnerability is CVE-2011-1066?
CVE-2011-1066 is classified as a Cross-site Scripting (XSS) vulnerability.
Can CVE-2011-1066 be exploited remotely?
Yes, CVE-2011-1066 can be exploited remotely by attackers with administer messaging permissions.

collector/nvd-historical
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/references
agent/weakness
agent/severity
agent/last-modified-date
agent/remedy
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
vendor/reyero
canonical/reyero messaging
version/reyero messaging/6.x-2.0
version/reyero messaging/6.x-2.1
version/reyero messaging/6.x-2.2
version/reyero messaging/6.x-2.3
version/reyero messaging/6.x-4.x-beta1
version/reyero messaging/6.x-4.x-beta3
version/reyero messaging/6.x-4.x-beta4
version/reyero messaging/6.x-4.x-beta5
version/reyero messaging/6.x-4.x-beta6
version/reyero messaging/6.x-4.x-beta7
vendor/drupal
canonical/drupal

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.