Lucene search
K

4 matches found

NVD
NVD
added 2013/03/27 9:55 p.m.14 views

CVE-2013-1787

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Simple Corporate theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.3AI score0.00941EPSS
Exploits0References4
CVE
CVE
added 2013/03/27 9:0 p.m.36 views

CVE-2013-1787

The CVE-2013-1787 issue affects the Drupal contributed Simple Corporate theme (versions before 7.x-1.4). The vulnerability lies in the 3-slide gallery on the homepage where user-provided content is not properly sanitized, allowing remote authenticated users with the administer themes permission t...

2.1CVSS5.4AI score0.00941EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2013/03/27 9:0 p.m.11 views

CVE-2013-1787

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Simple Corporate theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.00941EPSS
Exploits0References4
Drupal
Drupal
added 2013/02/27 12:0 a.m.15 views

SA-CONTRIB-2013-033 - Simple Corporate theme - Cross Site Scripting (XSS)

This third-party contributed theme change Drupal's interface. The theme doesn't properly sanitize user-entered content in the 3 slide gallery on the homepage leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...

2.1CVSS5.6AI score0.00941EPSS
Exploits0References10
Rows per page
Query Builder