7 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the 3 slide gallery in the Fresh theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the 3 slide gallery in the Professional theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1779
Cross-site scripting XSS vulnerability in the 3 slide gallery in the Fresh theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1786
CVE-2013-1786 is a Drupal-related XSS in the contributed Company Theme before 7.x-1.4. The vulnerability lies in the 3 slide gallery not properly sanitizing user-entered content, enabling remote authenticated users with the administer themes permission to inject arbitrary script/HTML via unspecif...
CVE-2013-1781
The CVE-2013-1781 entry affects Drupal’s Professional Theme prior to 7.x-1.4. The vulnerability is an XSS in the 3 slide gallery where unsanitized user content can be injected by remote authenticated users with administer themes permission via unspecified vectors. Affected software: Professional ...
SA-CONTRIB-2013-030 - Clean Theme - Cross Site Scripting (XSS)
This third-party contributed theme change Drupal's interface. The theme doesn't properly sanitize user-entered content in the 3 slide gallery on the homepage leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...