Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 2:11 a.m.13 views

CVE-2013-4138

Cross-site scripting XSS vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with the "Administer content," "Create new article," or "Edit any article type content" permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.5AI score0.00931EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/08/28 3:0 p.m.23 views

CVE-2013-4138

Cross-site scripting XSS vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with the "Administer content," "Create new article," or "Edit any article type content" permission to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.00931EPSS
Exploits0References3
CVE
CVE
added 2013/08/28 3:0 p.m.43 views

CVE-2013-4138

The CVE-2013-4138 entry applies to the Hatch theme (Drupal 7.x-1.x) prior to 7.x-1.4. The vulnerability is an XSS flaw that can be triggered by remote authenticated users who have Administer content, Create new article, or Edit any article type content permissions, allowing injection of arbitrary...

2.1CVSS5.4AI score0.00931EPSS
Exploits0References3Affected Software1
Drupal
Drupal
added 2013/07/10 12:0 a.m.26 views

SA-CONTRIB-2013-055 - Hatch - Cross Site Scripting

Hatch theme is a simple and minimal portfolio theme for photographers, illustrators, designers, or photobloggers. The theme didn't sufficiently escape user supplied text prior to printing them. This vulnerability is mitigated by the fact that an attacker must have a role with the permission...

2.1CVSS6.4AI score0.00931EPSS
Exploits0References9
Rows per page
Query Builder