29 matches found
EUVD-2013-0341
Malware in sbrugna...
EUVD-2015-4415
Malware in sbrugna...
EUVD-2013-2136
Malware in sbrugna...
CVE-2013-0323
Cross-site scripting XSS vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the author field...
CVE-2013-2177
Cross-site scripting XSS vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via an entity bundle label...
Paragraphs table - Critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-036
This module enables field collections to be displayed as tables. It supports display suite and field permissions and provides operations modify, delete, duplicate. This module has multiple vulnerabilities due to the requirements on the routes it provides not being restrictive enough. Information...
Fedora Update for drupal7-ds FEDORA-2019-5258ea8ae2
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 29 Update: drupal7-ds-2.16-1.fc29
Display Suite allows you to take full control over how your content is disp layed using a drag and drop interface. Arrange your nodes, views, comments, user data etc. the way you want without having to work your way through dozens of tem plate files. A predefined list of layouts D7 only is...
[SECURITY] Fedora 30 Update: drupal7-ds-2.16-1.fc30
Display Suite allows you to take full control over how your content is disp layed using a drag and drop interface. Arrange your nodes, views, comments, user data etc. the way you want without having to work your way through dozens of tem plate files. A predefined list of layouts D7 only is...
Display Suite - Critical - Cross site scripting (XSS) - SA-CONTRIB-2018-019
Display Suite allows you to take full control over how your content is displayed using a drag and drop interface. The module doesn't sufficiently validate view modes provided dynamically via URLs leading to a reflected cross site scripting XSS attack. This vulnerability is mitigated only by the...
Drupal Display Suite module cross-site scripting vulnerability (CNVD-2017-10592)
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site scripting vulnerability exists in the Drupal Display Suite module, which stems from the program not properly validating user input. When an unknowing user...
Display Suite - Moderately Critical - Cross Site Scripting - SA-CONTRIB-2017-049
Display Suite allows you to take full control over how your content is displayed using a drag and drop interface. In certain situations, Display Suite does not properly sanitize some of the output, allowing a malicious user to embed scripts within a page, resulting in a Cross-site Scripting XSS...
CVE-2015-4392
Cross-site scripting XSS vulnerability in the Display Suite module 7.x-2.7 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to field display settings...
Cross site scripting
Cross-site scripting XSS vulnerability in the Display Suite module 7.x-2.7 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to field display settings...
CVE-2015-4392
Cross-site scripting XSS vulnerability in the Display Suite module 7.x-2.7 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to field display settings...
CVE-2015-4392
CVE-2015-4392 describes an XSS vulnerability in the Drupal Display Suite module for version 7.x-2.7. The issue allows remote authenticated users to inject arbitrary script/HTML via field display settings. The root cause is improper sanitization in Display Suite 7.x-2.7. Mitigation: upgrade to Dis...
Drupal Display Suite Module Cross-Site Scripting Vulnerability
Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Display Suite is one of the content display management modules. A cross-site scripting vulnerability exists in the Drupal Display Suite module, which stems from the program's failure to...
Display Suite - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-095
Display Suite allows you to take full control over how your content is displayed using a drag and drop interface. In certain situations, Display Suite does not properly sanitize some of the output, allowing a malicious user to embed scripts within a page, resulting in a Cross-site Scripting XSS...
CVE-2013-2177
Cross-site scripting XSS vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via an entity bundle label...
Cross site scripting
Cross-site scripting XSS vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via an entity bundle label...