EUVD-2014-7928

Malware in sbrugna...

EUVD-2015-8122

Malware in sbrugna...

CVE-2015-8233

Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings...

Drupal MAYO theme cross-site scripting vulnerability

Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community.MAYO theme is one of the modules that provides users with an easy way to define and create a theme of their choice. A cross-site scripting vulnerability exists in Drupal MAYO theme...

CVE-2015-8233

Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings...

Cross site scripting

Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings...

CVE-2015-8233

Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings...

CVE-2015-8233

The MAYO Drupal theme (7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6) is affected by an XSS vulnerability. Root cause: insufficient sanitization in theme settings that remote administrators with the Administer themes permission can exploit to inject arbitrary script/HTML. Impact: potential fo...

MAYO theme - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-164

MAYO theme enables you to change certain theme settings via the administration interface. Some theme settings aren't sufficiently sanitized. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "Administer themes". CVE identifiers issued CVE-2015-8233...

CVE-2014-8079

Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to header background setting...

Cross site scripting

Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to header background setting...

CVE-2014-8079

The Mayo contributed theme for Drupal 7.x (versions prior to 7.x-1.3) is affected by an XSS vulnerability. Root cause: theme settings allow linking to a header background file with insufficient sanitization, enabling arbitrary script/HTML injection. Impact: remote authenticated users with the adm...

SA-CONTRIB-2014-016 - Mayo Theme - XSS Vulnerability

The theme settings allow you to link to a header background file. A URL could be entered that was not properly sanitized leading to XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer themes". CVE identifiers issued...