EUVD-2014-9171

Malware in sbrugna...

EUVD-2012-1662

Malware in sbrugna...

CVE-2014-9346

Multiple cross-site scripting XSS vulnerabilities in the Hierarchical Select module 6.x-3.x before 6.x-3.9 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to the 1 taxonomy term title for instances with Save term...

CVE-2014-9346

The CVE records multiple XSS vulnerabilities in the Drupal Hierarchical Select module (6.x-3.x) prior to 6.x-3.9. The issues allow remote authenticated users with certain permissions to inject arbitrary script/HTML via (1) taxonomy term title when Save term lineage is enabled and (2) entity type ...

CVE-2012-1652

The CVE-2012-1652 affects the Drupal contributed module Hierarchical Select (6.x-3.x) prior to 6.x-3.8. It is a Cross-Site Scripting (XSS) vulnerability caused by unsanitized data in vocabulary help text exposed to remote authenticated users with administer taxonomy permissions. The impact is tha...

CVE-2010-2724

Cross-site scripting XSS vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via unspecified vectors in the hierarchicalselect form...

CVE-2010-2724

The CVE-2010-2724 entry describes a Cross-site scripting (XSS) vulnerability in the Drupal Hierarchical Select module (5.x before 5.x-3.2 and 6.x before 6.x-3.2). Affected component: hierarchical_select form. Root cause implied: improper handling of input that allows an authenticated user with ad...