6 matches found
EUVD-2014-8137
Malware in sbrugna...
CVE-2014-8296
Cross-site scripting XSS vulnerability in the Modal Frame API module 6.x-1.x before 6.x-1.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Modal Frame API module 6.x-1.x before 6.x-1.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-8296
The CVE-2014-8296 entry concerns Drupal’s Modal Frame API module (version 6.x-1.x) with an XSS vulnerability in versions prior to 6.x-1.9. The issue is caused by insufficient filtering of user-supplied text, allowing remote attackers to inject arbitrary script or HTML via unspecified vectors. Aff...
CVE-2014-8296
Cross-site scripting XSS vulnerability in the Modal Frame API module 6.x-1.x before 6.x-1.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
SA-CONTRIB-2014-012- Modal Frame API - Cross Site Scripting (XSS)
This module enables provides an API to render an iframe within a modal dialog based on the jQuery UI Dialog plugin. You should not install this module unless another module requires you to, or you wish to use it for your own custom modules. The module doesn't sufficiently filter user supplied tex...