EUVD-2012-2887

Malware in sbrugna...

CVE-2012-2907

Cross-site scripting XSS vulnerability in the aberdeenbreadcrumb function in template.php in the Aberdeen theme 6.x-1.x before 6.x-1.11 for Drupal, when set to append the content title to the breadcrumb, allows remote attackers to inject arbitrary web script or HTML via the content title in a...

Cross site scripting

Cross-site scripting XSS vulnerability in the aberdeenbreadcrumb function in template.php in the Aberdeen theme 6.x-1.x before 6.x-1.11 for Drupal, when set to append the content title to the breadcrumb, allows remote attackers to inject arbitrary web script or HTML via the content title in a...

CVE-2012-2907

Cross-site scripting XSS vulnerability in the aberdeenbreadcrumb function in template.php in the Aberdeen theme 6.x-1.x before 6.x-1.11 for Drupal, when set to append the content title to the breadcrumb, allows remote attackers to inject arbitrary web script or HTML via the content title in a...

SA-CONTRIB-2012-081 - Aberdeen - Cross Site Scripting

CVE: CVE-2012-2907. The Aberdeen theme provides a configurable breadcrumb which is commonly used as an additional navigation tool for users. The theme outputs the breadcrumb, but does not provide sufficient filtering to prevent a Cross site scripting XSS attack. This vulnerability is mitigated by...