2 matches found
CVE-2013-0181
The CVE-2013-0181 issue is a Cross-site scripting (XSS) vulnerability in the Drupal Search API module (7.x-1.x) for Drupal 7.x, caused by insufficient sanitization of input in error messages surfaced when using certain backends and facets. Affected component is the Views integration within Search...
SA-CONTRIB-2013-001 - Search API - Cross Site Scripting
This module enables you to build searches using a wide range of features, data sources and backends. The module doesn't sufficiently sanitize user input when displaying errors in a view with certain backends, including the database backend. This enables attackers to create a Reflected Cross Site...