9 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-5021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the...
Fedora Update for drupal7 FEDORA-2014-8515
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : drupal7-7.29-1.fc20 (2014-8485)
Fixes SA-CORE-2014-003. For details refer to: https://www.drupal.org/drupal-7.29-release-notes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...
CVE-2014-5021
Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...
CVE-2014-5021
Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...
CVE-2014-5021
CVE-2014-5021 concerns Drupal’s Form API XSS vulnerability. The vulnerability affects Drupal 6.x before 6.32 and potentially 7.x before 7.29, where remote authenticated users who possess the “administer taxonomy” permission can inject arbitrary script or HTML via an option group label. The impact...
CVE-2014-5021
Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...
Debian DSA-2983-1 : drupal7 - security update
Multiple security issues have been discovered in the Drupal content management system, ranging from denial of service to cross-site scripting. More information can be found at https://www.drupal.org/SA-CORE-2014-003. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
Drupal 6.x < 6.32 / 7.x < 7.29 Multiple Vulnerabilities
The remote web server is running a version of Drupal that is 6.x prior to 6.32 or 7.x prior to 7.29. It is, therefore, potentially affected by the following vulnerabilities : - The HTTP Host header, which determines the configuration file used by Drupal core's multisite feature, does not properly...