EUVD-2009-1248

Malware in sbrugna...

EUVD-2009-4090

Malware in sbrugna...

CVE-2013-4503

Cross-site scripting XSS vulnerability in the Feed Element Mapper module for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to options...

CVE-2013-4503

CVE-2013-4503 concerns the Drupal "Feed Element Mapper" module. The security advisory and related records specify that the module allows an attacker with the explicit permission "administer taxonomy" (remote authenticated user) to trigger a cross-site scripting (XSS) condition by injecting arbitr...

CVE-2013-4503

Cross-site scripting XSS vulnerability in the Feed Element Mapper module for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to options...

SA-CONTRIB-2013-085 - Feed Element Mapper - Cross Site Scripting

Feed Element Mapper is an add-on module for FeedAPI that maps elements on a feed item such as tags or the author name to taxonomy or CCK fields. The module doesn't sufficiently filter text when displaying options to users. This vulnerability is mitigated by the fact that an attacker must have a...

CVE-2009-4119

Cross-site scripting XSS vulnerability in Feed Element Mapper module 5.x before 5.x-1.3, 6.x before 6.x-1.3, and 6.x-2.0-alpha before 6.x-2.0-alpha4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Feed Element Mapper module 5.x before 5.x-1.3, 6.x before 6.x-1.3, and 6.x-2.0-alpha before 6.x-2.0-alpha4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-4119

The CVE-2009-4119 issue affects Drupal’s Feed Element Mapper module: versions 5.x before 5.x-1.3, 6.x before 6.x-1.3, and 6.x-2.0-alpha before 6.x-2.0-alpha4 are vulnerable to cross-site scripting, allowing remote attackers to inject arbitrary scripts/HTML via unspecified vectors. Root cause deta...

CVE-2009-4119

Cross-site scripting XSS vulnerability in Feed Element Mapper module 5.x before 5.x-1.3, 6.x before 6.x-1.3, and 6.x-2.0-alpha before 6.x-2.0-alpha4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

SA-CONTRIB-2009-104 - Feed Element Mapper - Cross Site Scripting

Feed Element Mapper is an add-on module for FeedAPI that maps elements on a feed item such as tags, or the author name, to taxonomy or CCK fields. These mappings are configurable by a point and click interface. When configuring the mapping, some values coming from external feeds are not sanitized...

CVE-2009-1249

Cross-site scripting XSS vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/content/node-type/nodetype/map...

CVE-2009-1249

CVE-2009-1249: XSS in Drupal’s Feed element mapper 5.x before 5.x-1.1. The vulnerability affects the Feed element mapper module for Drupal, allowing remote attackers to inject arbitrary script/HTML via the content title at admin/content/node-type/nodetype/map. Root cause is insufficient validatio...

SA-CONTRIB-2009-018 - Feed element mapper - Cross site scripting

Feed element mapper is an Add-on module for FeedAPI that maps elements on a feed item such as tags or the author name to taxonomy or CCK fields. These mappings are configurable by point and click. The module does not escape content titles enabling malicious users to insert arbitrary HTML and...