2 matches found
SA-CONTRIB-2013-074 - MediaFront - Cross Site Scripting (XSS)
The MediaFront module provides a front-end media presentation layer for Drupal The module doesn't sufficiently filter user input from MediaFront preset settings. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer mediafront" to exploit th...
SA-CONTRIB-2012-160 - OM Maximenu - Cross Site Scripting (XSS)
This module enables you to create custom menus with effects and integrate module blocks as it's menu item content. The module doesn't sufficiently state the risk of giving permission to create OM Maximenus. This vulnerability is mitigated by the fact that an attacker must have a role with the...