Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 1:4 a.m.5 views

CVE-2014-8376

Cross-site scripting XSS vulnerability in the context administration sub-panel in the Site Banner module before 7.x-4.1 for Drupal allows remote authenticated users with the "Administer contexts" Context UI module permission to inject arbitrary web script or HTML via vectors related to context...

3.5CVSS5.4AI score0.00946EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/10/21 3:0 p.m.20 views

CVE-2014-8376

Cross-site scripting XSS vulnerability in the context administration sub-panel in the Site Banner module before 7.x-4.1 for Drupal allows remote authenticated users with the "Administer contexts" Context UI module permission to inject arbitrary web script or HTML via vectors related to context...

5.2AI score0.00946EPSS
Exploits0References4
CVE
CVE
added 2014/10/21 3:0 p.m.37 views

CVE-2014-8376

The CVE-2014-8376 entry applies to the Drupal Site Banner module (7.x) prior to 7.x-4.1. Affected component is the context administration sub-panel; the root cause is insufficient sanitization of existing context settings, exposing a Cross-Site Scripting (XSS) vulnerability. Remote authenticated ...

3.5CVSS5.3AI score0.00946EPSS
Exploits0References4Affected Software1
Drupal
Drupal
added 2014/08/20 12:0 a.m.14 views

SA-CONTRIB-2014-081 - Site Banner - Cross Site Scripting (XSS)

The Site Banner module enables you to display a banner at the top and bottom of a Drupal site. This module incorrectly prints existing context settings without proper sanitization, opening a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must...

3.5CVSS5.7AI score0.00946EPSS
Exploits0References11
Rows per page
Query Builder