CVE-2025-14557 XSS in Drupal 7 Facebook Pixel Module

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

CVE-2025-14557

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

PT-2024-10098 · Drupal · Node Access Rebuild Progressive

Name of the Vulnerable Software and Affected Versions: Node Access Rebuild Progressive versions 7.X-1.0 through 7.X-1.2 Description: The issue is related to improper ownership management in Node Access Rebuild Progressive, allowing target influence via framing. This can be exploited by a remote...

Drupal Boost Module Information Disclosure Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Boost is one of the modules that improves the performance of a website by optimizing page caching of static files for anonymous users. An information disclosure vulnerability exists in...

Drupal Node Embed Module Remote Denial of Service Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Node Embed is one of the node modules used to integrate CKEditor's input filters into the content editor and embed them within the body of the article. A remote denial of service...

SA-CONTRIB-2015-077 - OG tabs - Cross Site Scripting (XSS)

OG Tabs modules provides a secondary menu with links to nodes of the same OG group. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission t...

SA-CONTRIB-2015-017 - Room Reservations - Cross Site Scripting (XSS)

Room Reservations module enables you to manage a room reservation system. The module doesn't sufficiently sanitize the node title of "Room Reservations Category" nodes and the body of "Room Reservations Room" nodes, thereby leading to a Cross Site Scripting XSS vulnerability. This vulnerability i...

SA-CONTRIB-2014-053 - Field API Tab Editor (FATE) - Access bypass

This module allows each entity field to be individually edited via its own custom page, accessible via a tab on the entity's page. The module returns an incorrect value to hookmenu if the current user does not have access to edit the entity. This allows users who would not normally have access to...

Drupal Open Omega模块访问绕过漏洞

Bugtraq ID:65822 Drupal是一套开放源码的内容管理平台。 当构建header和footer菜单时Drupal Open Omega不充分检查用户菜单访问，允许攻击者利用漏洞获取受限项的标题和路径信息。 0 Drupal Open Omega 7.x 厂商补丁： Drupal ----- Drupal Open Omega 7.x-1.1已经修复该漏洞，建议用户下载更新： http://drupal.org/project/openomega...

SA-CONTRIB-2012-143 PRH Search - Cross Site Scripting (XSS)

PRH Search provides an interface to search for association information for Finnish association using the PRH Patentti- ja Rekisterihallitus database. The module fails to sanitize data retrieved from an untrusted third party source, thereby exposing an arbitrary script injection vulnerability XSS...