5 matches found
CVE-2013-1785
Cross-site scripting XSS vulnerability in the 3 slide gallery in the Premium Responsive theme before 7.x-1.6 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1785
Cross-site scripting XSS vulnerability in the 3 slide gallery in the Premium Responsive theme before 7.x-1.6 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1785
The vulnerability CVE-2013-1785 affects the Premium Responsive theme for Drupal (versions prior to 7.x-1.6). The issue is an XSS flaw in the theme’s 3-slide gallery where user-entered content isn’t properly sanitized, allowing remote authenticated users with the administer themes permission to in...
CVE-2013-1785
Cross-site scripting XSS vulnerability in the 3 slide gallery in the Premium Responsive theme before 7.x-1.6 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...
SA-CONTRIB-2013-031 - Premium Responsive theme - Cross Site Scripting (XSS)
This third-party contributed theme change Drupal's interface. The theme doesn't properly sanitize user-entered content in the 3 slide gallery on the homepage leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...