23 matches found
CVE-2013-1780
The CVE-2013-1780 issue affects the Best Responsive Theme for Drupal (7.x-1.x) prior to 7.x-1.1. It is a cross-site scripting (XSS) vulnerability where improperly sanitized input in social icons can be exploited by remote authenticated users with the administer themes permission to inject arbitra...
SA-CONTRIB-2013-026 - Best Responsive Theme - Cross Site Scripting (XSS)
Best Responsive theme is a light weight Drupal 7 theme with a modern look and feel. The theme doesn't properly sanitize user-entered content in the social icon leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...
SA-CONTRIB-2013-031 - Premium Responsive theme - Cross Site Scripting (XSS)
This third-party contributed theme change Drupal's interface. The theme doesn't properly sanitize user-entered content in the 3 slide gallery on the homepage leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...