2 matches found
CVE-2013-2177
Cross-site scripting XSS vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via an entity bundle label...
CVE-2013-2177
The CVE-2013-2177 entry affects the Drupal contributed module Display Suite (branch 7.x-1.x: before 7.x-1.7; branch 7.x-2.x: before 7.x-2.3). The vulnerability arises from insufficient sanitization of entity bundle labels, permitting remote authenticated users with certain permissions to inject a...