7 matches found
EUVD-2015-3437
Malware in sbrugna...
CVE-2015-3392
Cross-site scripting XSS vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...
Cross site scripting
Cross-site scripting XSS vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...
CVE-2015-3392
CVE-2015-3392 (Drupal) affects the Ajax Timeline module for Drupal 7.x. The root cause is insufficient escaping of node titles when rendering the timeline, enabling a Cross-site Scripting (XSS) vulnerability. It allows remote authenticated users to inject arbitrary web script or HTML via a node t...
CVE-2015-3392
Cross-site scripting XSS vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...
Drupal Ajax Timeline Module Cross-Site Scripting Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site scripting vulnerability exists in the Drupal Ajax Timeline module due to the program failing to properly filter user-supplied input. An attacker could use thi...
SA-CONTRIB-2015-035 - Ajax Timeline - Cross Site Scripting (XSS)
Ajax Timeline module enables you to display a vertical timeline of nodes based off a date field or created date of the configured nodes. The module doesn't sufficiently escape node titles when displaying the timeline, allowing a malicious user to inject code. This vulnerability is mitigated by th...