2 matches found
CVE-2018-7603
CVE-2018-7603 affects Drupal via the third‑party Search Autocomplete module. The vulnerability is a Cross Site Scripting (XSS) flaw in the autocompletion data path, arising from insufficient filtering of user-supplied text among autocompletion items (nodes, comments, etc.). It is exploitable by a...
Foreman Cross-Site Scripting Vulnerability (CNVD-2017-34618)
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A cross-site scripting vulnerability exists in the search auto-completion feature in Foreman versions...