← Back

Nancy Wichmann

nancy_wichmann

6 CVEs • 5 products

Products (5)

Click to collapse
Toggle
Realname
realname
2 CVEs
Glossary
glossary
1 CVE
Taxonomy List
taxonomy_list
1 CVE
Sitedoc
sitedoc
1 CVE
Announcements
announcements
1 CVE

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-4500
1Nancy Wichmann
1Announcements
Apr 29, 2026
Oct 31, 2012
N/A· v4
N/A· v3
3.5 LOW· v2
The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other unspecified impact.
CVE-2012-2298
2Drupal
Nancy Wichmann
2Realname
Realname
Apr 29, 2026
Aug 14, 2012
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in the RealName module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) "user names in page ti...Show more
Multiple cross-site scripting (XSS) vulnerabilities in the RealName module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) "user names in page titles" and (2) "autocomplete callbacks."Show less
CVE-2012-2302
1Nancy Wichmann
1Sitedoc
Apr 29, 2026
Jul 25, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2012-2711
1Nancy Wichmann
1Taxonomy List
Apr 29, 2026
Jun 27, 2012
N/A· v4
N/A· v3
2.1 LOW· v2
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy List module 6.x-1.x before 6.x-1.4 for Drupal allow remote authenticated users with create or edit taxonomy terms permissions to inject arbitrary web sc...Show more
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy List module 6.x-1.x before 6.x-1.4 for Drupal allow remote authenticated users with create or edit taxonomy terms permissions to inject arbitrary web script or HTML via vectors related to taxonomy information.Show less
CVE-2012-2339
2Drupal
Nancy Wichmann
2Drupal
Glossary
Apr 29, 2026
May 21, 2012
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "taxonomy information."
CVE-2009-4524
1Nancy Wichmann
1Realname
Apr 23, 2026
Dec 31, 2009
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname (aka real name) element.