EUVD-2015-2196

Malware in sbrugna...

CVE-2015-2086

Cross-site scripting XSS vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pane title...

Drupal Panopoly Core Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site scripting vulnerability exists in Drupal's Panopoly Core module that stems from not properly handling partial node titles. The vulnerability can be exploited ...

Panopoly Core - Moderately critical - Cross Site Scripting - SA-CONTRIB-2017-093

This module provides common functionality used by other modules in the Panopoly distribution and child distributions, like, Open Atrium. The module doesn't sufficiently filter node titles used in breadcrumbs when the "Append Page Title to Site Breadcrumb" setting is enabled. This vulnerability is...

Cross site scripting

Cross-site scripting XSS vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pane title...

CVE-2015-2086

Cross-site scripting XSS vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pane title...

CVE-2015-2086

Cross-site scripting XSS vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pane title...

CVE-2015-2086

CVE-2015-2086 describes an XSS vulnerability in the live preview of the Panopoly Magic module for Drupal 7.x, prior to 7.x-1.17. The issue arises from insufficient filtering of the pane title during re‑rendering of the preview, allowing remote authenticated users to inject arbitrary scripts/HTML....

Drupal Panopoly Magic Module Cross-Site Scripting Vulnerability

Drupal is an open source content management platform. A cross-site scripting vulnerability exists in Drupal Panopoly Magic Module, which allows remote attackers to exploit this vulnerability to construct malicious URIs and trick users into parsing them, which can be used to obtain sensitive...

SA-CONTRIB-2015-047 - Panopoly Magic - Cross Site Scripting (XSS)

This module enables live previews of Panels panes in the modal dialog for adding or editing them. The module doesn't sufficiently filter the pane title when re-rendering the live preview. This vulnerability is mitigated by the fact that an attacker must have permission to add or edit Panels panes...