CVE-2013-1786

2013-03-27T21:55:00
ID CVE-2013-1786
Type cve
Reporter cve@mitre.org
Modified 2013-03-28T04:00:00

Description

Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors.