7 matches found
EUVD-2012-4425
Malware in sbrugna...
CVE-2012-4496
Cross-site scripting XSS vulnerability in the Custom Publishing Options module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer nodes" permission to inject arbitrary web script or HTML via the status labels parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the Custom Publishing Options module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer nodes" permission to inject arbitrary web script or HTML via the status labels parameter...
CVE-2012-4496
The CVE-2012-4496 entry concerns the Drupal module “Custom Publishing Options” (6.x-1.x) with a flaw prior to 6.x-1.4. The vulnerability is an XSS in the status labels parameter that can be exploited by remote authenticated users who have the “administer nodes” permission. This is a component/ent...
CVE-2012-4496
Cross-site scripting XSS vulnerability in the Custom Publishing Options module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer nodes" permission to inject arbitrary web script or HTML via the status labels parameter...
Drupal Custom Publishing Options 6.x XSS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vulnerability Report Reported: January 3, 2012 Author: Justin C. Klein Keane Description of Vulnerability: - ----------------------------- Drupal http://drupal.org is a robust content management system CMS written in PHP and MySQL. The Drupal Custom...
SA-CONTRIB-2012-127 - Custom Publishing Options - Cross Site Scripting (XSS) Vulnerability
The Custom Publishing Options module allows you to create custom publishing options for nodes. It allows you to add to the default options of Publish, Promote to Front Page, and Sticky. It also ingrates with views to allow you add as a field, sort and filter by, your custom options. The module...