3 matches found
EUVD-2015-3398
Malware in sbrugna...
CVE-2015-3353
CVE-2015-3353: XSS in Drupal Field Display Label module (7.x) prior to 7.x-1.3. Root cause: inadequate sanitization of the alternate field label in content types settings, allowing remote authenticated users to inject arbitrary script/HTML. Affected: Drupal 7.x-1.x before 7.x-1.3 (Field Display L...
Drupal Field Display Label Module Cross-Site Scripting Vulnerability
Drupal is a free and open source content management system developed in PHP. A cross-site scripting vulnerability exists in the Drupal Field Display Label module because it fails to properly filter user-supplied input. An attacker may be able to exploit this vulnerability to execute arbitrary...