4 matches found
CVE-2012-4485
Multiple cross-site scripting XSS vulnerabilities in the galleryformatterfieldformatterview functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow remote authenticated users with permissions to create a node or entity to inject arbitrary web script or...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the galleryformatterfieldformatterview functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow remote authenticated users with permissions to create a node or entity to inject arbitrary web script or...
CVE-2012-4485
Multiple cross-site scripting XSS vulnerabilities in the galleryformatterfieldformatterview functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow remote authenticated users with permissions to create a node or entity to inject arbitrary web script or...
SA-CONTRIB-2012-115 - Gallery formatter - Cross Site Scripting (XSS)
Gallery formatter provides a field formatter for images that turns the fields into jQuery galleries. The module did not properly escape input from the user before printing it to the browser, allowing malicious users to inject script code into the page. This vulnerability is mitigated by the fact...