5 matches found
EUVD-2015-4388
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in the Taxonomy Accordion module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...
CVE-2015-4365
CVE-2015-4365 affects the Drupal contributed module Taxonomy Accordion . The underlying issue is insufficient sanitization of user-submitted text in taxonomy term-related pages, enabling a Cross-Site Scripting (XSS) vulnerability. The advisory indicates that remote authenticated users with certai...
Multiple Cross-Site Scripting Vulnerabilities in Drupal Taxonomy Accordion Module
Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Taxonomy Accordion is one of the taxonomy modules. Multiple cross-site scripting vulnerabilities exist in the Drupal Taxonomy Accordion module. The program fails to adequately filter...
SA-CONTRIB-2015-069 - Taxonomy Accordion - Cross Site Scripting (XSS) - Unsupported
Taxonomy Accordion module creates a block for each taxonomy vocabularies. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a user allowed to...