Lucene search
K

7 matches found

Prion
Prion
added 2013/03/27 9:55 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.6AI score0.00941EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2013/03/27 9:55 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Fresh theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.6AI score0.00962EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2013/03/27 9:55 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Professional theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.6AI score0.00941EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2013/03/27 9:0 p.m.21 views

CVE-2013-1779

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Fresh theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.00962EPSS
Exploits0References4
CVE
CVE
added 2013/03/27 9:0 p.m.46 views

CVE-2013-1786

CVE-2013-1786 is a Drupal-related XSS in the contributed Company Theme before 7.x-1.4. The vulnerability lies in the 3 slide gallery not properly sanitizing user-entered content, enabling remote authenticated users with the administer themes permission to inject arbitrary script/HTML via unspecif...

2.1CVSS5.4AI score0.00941EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2013/03/27 9:0 p.m.45 views

CVE-2013-1781

The CVE-2013-1781 entry affects Drupal’s Professional Theme prior to 7.x-1.4. The vulnerability is an XSS in the 3 slide gallery where unsanitized user content can be injected by remote authenticated users with administer themes permission via unspecified vectors. Affected software: Professional ...

2.1CVSS5.4AI score0.00941EPSS
Exploits0References5Affected Software1
Drupal
Drupal
added 2013/02/27 12:0 a.m.27 views

SA-CONTRIB-2013-030 - Clean Theme - Cross Site Scripting (XSS)

This third-party contributed theme change Drupal's interface. The theme doesn't properly sanitize user-entered content in the 3 slide gallery on the homepage leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...

2.1CVSS5.6AI score0.00941EPSS
Exploits0References10
Rows per page
Query Builder