4 matches found
SA-CONTRIB-2012-054 - Chaos tool suite - Cross Site Scripting (XSS)
CVE: CVE-2012-2082 This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pages. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. The...
SA-CONTRIB-2012-011 - Panels - Cross Site Scripting (XSS)
CVE: CVE-2012-0914 The Panels module allows a site administrator to create customized layouts for multiple uses. The module doesn't sufficiently sanitize administrator supplied data. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer pane...
SA-CONTRIB-2010-058: Chaos tool suite - Multiple vulnerabilities
The Chaos tool suite ctools is primarily a set of APIs and tools to improve the developer experience. This module was found to have multiple vulnerabilities. Cross site scripting XSS The module did not properly sanitize node titles under certain circumstances, resulting in multiple cross-site...
Fedora 9 : drupal-views-6.x.2.6-1.fc9 (2009-6171)
Advisory ID: DRUPAL-SA-CONTRIB-2009-037 0 Project: Views Versions: 6.x-2.x Date: 2009-June-10 Security risk: Moderately critical Exploitable from: Remote Vulnerability: Cross Site Scripting XSS, Access Bypass -------- DESCRIPTION -------------------------------------------------------- - The...