4 matches found
CVE-2014-7869
Cross-site scripting XSS vulnerability in the configuration UI in the Context Form Alteration module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer contexts" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-7869
Cross-site scripting XSS vulnerability in the configuration UI in the Context Form Alteration module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer contexts" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-7869
Cross-site scripting XSS vulnerability in the configuration UI in the Context Form Alteration module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer contexts" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-7869
The vulnerability CVE-2014-7869 affects the Drupal contributed module Context Form Alteration (7.x-1.x) prior to 7.x-1.2. The root cause is insufficient input sanitization in the module’s Configuration UI, allowing remote authenticated users with the administer contexts permission to inject arbit...