EUVD-2014-8215

Malware in sbrugna...

TableField - Moderately critical - Access bypass and Cross Site Scripting - SA-CONTRIB-2019-051

This module allows you to attach tabular data to an entity. Access bypass There's no access check for users with an "Export Tablefield Data as CSV". They can export data from unpublished nodes or otherwise inaccessible entities. This vulnerability is mitigated by the fact that an attacker must ha...

Cross site scripting

Cross-site scripting XSS vulnerability in the TableField module 7.x-2.x before 7.x-2.3 allows remote authenticated users with the "administer content types" or "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to the field help text in an entity edit form...

CVE-2014-8378

Cross-site scripting XSS vulnerability in the TableField module 7.x-2.x before 7.x-2.3 allows remote authenticated users with the "administer content types" or "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to the field help text in an entity edit form...

CVE-2014-8378

CVE-2014-8378 affects the Drupal contributed TableField module (7.x-2.x) prior to 7.x-2.3. The vulnerability is a cross-site scripting (XSS) flaw where remote authenticated users with the permissions to administer content types or administer taxonomy can inject arbitrary web script or HTML via th...

CVE-2014-8378

Cross-site scripting XSS vulnerability in the TableField module 7.x-2.x before 7.x-2.3 allows remote authenticated users with the "administer content types" or "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to the field help text in an entity edit form...

CVE-2010-1998

CVE-2010-1998 affects the Drupal CCK TableField module (6.x) prior to 6.x-1.2. The vulnerability is an XSS via table headers that remote authenticated users with certain node creation/editing privileges can exploit to inject arbitrary script/HTML. The NVD entry lists a low base score (CVSS2: 2.1,...