2 matches found
CVE-2026-4929 Simple Hierarchical Select (Drupal 7) XSS in term-derived output
Simple Hierarchical Select SHS for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output shsfieldformatterview and term-tree child-term data generation shstermgetchildren. Malicious taxonomy term...
PT-2026-42579
Name of the Vulnerable Software and Affected Versions Simple Hierarchical Select SHS for Drupal 7 versions 7.x-1.0 through 7.x-1.10 Description Cross-site scripting risk exists due to improper output escaping of term-derived text. Malicious taxonomy term names can be rendered unsafely depending o...