6 matches found
EUVD-2014-7827
Malware in sbrugna...
CVE-2014-7978
Cross-site scripting XSS vulnerability in the BlueMasters theme 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...
Cross site scripting
Cross-site scripting XSS vulnerability in the BlueMasters theme 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...
CVE-2014-7978
Cross-site scripting XSS vulnerability in the BlueMasters theme 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...
CVE-2014-7978
The CVE-2014-7978 entry concerns the Bluemasters (BlueMasters) Drupal 7.x-2.x theme. The vulnerability is a stored/reflected XSS caused by insufficient sanitization of theme settings, allowing remote authenticated users with the administer themes permission to inject arbitrary script/HTML via the...
SA-CONTRIB-2014-037 - BlueMasters - Cross Site Scripting
Bluemasters is a responsive layout theme for Drupal 7. The Bluemasters theme does not properly sanitize theme settings before they are used in the output of a page. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer themes". CVE identifie...