3 matches found
CVE-2015-4365
Cross-site scripting XSS vulnerability in the Taxonomy Accordion module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...
CVE-2015-4365
CVE-2015-4365 affects the Drupal contributed module Taxonomy Accordion . The underlying issue is insufficient sanitization of user-submitted text in taxonomy term-related pages, enabling a Cross-Site Scripting (XSS) vulnerability. The advisory indicates that remote authenticated users with certai...
SA-CONTRIB-2015-069 - Taxonomy Accordion - Cross Site Scripting (XSS) - Unsupported
Taxonomy Accordion module creates a block for each taxonomy vocabularies. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a user allowed to...