3 matches found
EUVD-2015-3414
Malware in sbrugna...
Drupal Taxonews Module Cross-Site Scripting Vulnerability
Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Taxonews is one of the modules that generates blocks containing titles for nodes in the taxonomy vocabulary by matching conditions. A cross-site scripting vulnerability exists in the...
Cross site scripting
Cross-site scripting XSS vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a term name in a block...