EUVD-2014-9546

Malware in sbrugna...

CVE-2014-9740

Cross-site scripting XSS vulnerability in the Rules Link module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the 1 question and 2...

CVE-2014-9740

Cross-site scripting XSS vulnerability in the Rules Link module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the 1 question and 2...

Cross site scripting

Cross-site scripting XSS vulnerability in the Rules Link module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the 1 question and 2...

CVE-2014-9740

Cross-site scripting XSS vulnerability in the Rules Link module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the 1 question and 2...

CVE-2014-9740

CVE-2014-9740 concerns the Drupal contributed module Rules Link (7.x-1.x) , affected up to version 7.x-1.0 before 7.x-1.1 . The vulnerability arises from insufficient sanitization of the question and description strings in a triggering Rules link confirmation form, allowing remote authenticated u...

SA-CONTRIB-2014-083 - Rules Link - Cross Site Scripting (XSS)

This module allows you to create links which trigger arbitrary functionality with the help of the Rules module. The module doesn't sufficiently sanitize the question and description strings when confirmation forms are displayed for triggering Rules links. This vulnerability is mitigated by the fa...