CVE-2018-7603
CVE-2018-7603 affects Drupal via the third‑party Search Autocomplete module. The vulnerability is a Cross Site Scripting (XSS) flaw in the autocompletion data path, arising from insufficient filtering of user-supplied text among autocompletion items (nodes, comments, etc.). It is exploitable by a...