Drupal cross-site scripting vulnerability (CNVD-2018-05185)

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community. jQuery is one of the JavaScript libraries used in it. A cross-site scripting vulnerability exists in jQuery in Drupal versions 8 and 7. A remote attacker can exploit this vulnerability...

UBUNTU-CVE-2013-6389

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...