8 matches found
CVE-2014-9363
Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...
CVE-2014-9362
CVE-2014-9362 : A cross-site scripting (XSS) vulnerability in the Drupal contributed module Meta tags quick (7.x-2.x) up to version 7.x-2.7 (not affecting Drupal core) allows remote authenticated users who have the Edit path based meta tags permission to inject arbitrary HTML/JS via the path-base...
CVE-2014-9363
Open redirect vulnerability CVE-2014-9363 affects Drupal Meta tags quick module (7.x-2.x) prior to 7.x-2.8. The issue allows remote authenticated users to redirect others to arbitrary sites via the destination parameter in the path-based meta tag editing form. Impact is described as enabling phis...
CVE-2014-9363
Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...
SA-CONTRIB-2014-067 - Meta Tags Quick - Multiple vulnerabilities
Meta tags quick adds meta tags editing to all non-administrative pages of Drupal site. Redirector abuse in path-based meta tag editing form When editing a path-based meta tag, module does not check destination parameter of the URL, allowing attacker to pass arbitrary URL to meta tag editing form...
CVE-2011-5030
Cross-site scripting XSS vulnerability in the Meta tags quick module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors, probably related to "names of entity bundles."...
CVE-2011-5030
The CVE refers to a Cross-site scripting (XSS) vulnerability in the Drupal Meta tags quick module (7.x-2.x) prior to version 7.x-2.3. It allows remote authenticated users with certain permissions to inject arbitrary scripts/HTML via unspecified vectors (likely related to entity bundle names). Rem...
SA-CONTRIB-2011-059 - Meta tags quick - Cross Site Scripting (XSS)
The Meta tags quick module provides a simple tool to add meta tags to a site. The module doesn't consistently filter user input which could lead to a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer...