5 matches found
EUVD-2026-31381
Simple Hierarchical Select SHS for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output shsfieldformatterview and term-tree child-term data generation shstermgetchildren. Malicious taxonomy term...
CVE-2026-4929
Simple Hierarchical Select SHS for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output shsfieldformatterview and term-tree child-term data generation shstermgetchildren. Malicious taxonomy term...
CVE-2026-4929
The CVE concerns Simple Hierarchical Select (SHS) for Drupal 7, where cross-site scripting is possible due to improper output escaping of term-derived text. Affected code paths include field formatter output (shs_field_formatter_view) and term-tree child-term data generation (shs_term_get_childre...
CVE-2026-4929 Simple Hierarchical Select (Drupal 7) XSS in term-derived output
Simple Hierarchical Select SHS for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output shsfieldformatterview and term-tree child-term data generation shstermgetchildren. Malicious taxonomy term...
Simple hierarchical select - Moderately critical - Cross site request forgery - SA-CONTRIB-2019-038
Simple hierarchical select defines a new form widget for taxonomy fields to select a term by "browsing" through the vocabularies hierarchy. It also allows users to create new taxonomy terms using its widget directly in the node form. Version 7.x of Simple hierarchical select doesn't sufficiently...