VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 13, 2010· Updated Apr 29, 2026

CVE-2010-2724

CVE-2010-2724

Description

Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via unspecified vectors in the hierarchical_select form.

Affected products

31
  • Wimleers/Hierarchical Select31 versions
    cpe:2.3:a:wimleers:hierarchical_select:5.x-1.0:*:*:*:*:*:*:*+ 30 more
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-1.x:dev:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.0:rc4:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-2.x:dev:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:rc4:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:rc5:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:rc6:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.0:rc7:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:5.x-3.x:dev:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:6.x-3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:6.x-3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:hierarchical_select:6.x-3.x:dev:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.