3 matches found
CVE-2015-5514
Cross-site scripting XSS vulnerability in the Migrate module 7.x-2.x before 7.x-2.8 for Drupal, when the migrateui submodule is enabled, allows user-assisted remote attackers to inject arbitrary web script or HTML via a destination field label...
CVE-2015-5514
The CVE-2015-5514 issue affects the Drupal Migrate module (7.x-2.x) prior to 7.x-2.8, specifically when the migrate_ui submodule is enabled. The root cause is insufficient sanitization of destination field labels, enabling user-assisted remote attackers to inject arbitrary web script or HTML. Pra...
Migrate - Less critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-130
This module enables you to manage migration processes through the administrative UI. The module doesn't sufficiently sanitize destination field labels thereby exposing a Cross Site Scripting vulnerability XSS. This vulnerability is mitigated by the fact that an attacker must have a role with...