3 matches found
CVE-2014-8075
The CVE-2014-8075 entry covers a Cross-site scripting (XSS) vulnerability in the Drupal Tribune module (versions 6.x-1.x and 7.x-3.x). The root cause is insufficient filtering of user-provided text from Tribune node titles, allowing remote authenticated users with certain permissions to inject ar...
CVE-2014-8075
Cross-site scripting XSS vulnerability in the Tribune module 6.x-1.x and 7.x-3.x for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title...
SA-CONTRIB-2014-008 - Tribune - Cross Site Scripting (XSS)
A tribune is a type of chatroom. The module doesn't sufficiently filter user provided text from Tribune node titles. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create a Tribune node. CVE identifiers issued CVE-2014-8075 Versions affected...