13 matches found
EUVD-2015-3413
Malware in sbrugna...
CVE-2015-3369
Cross-site scripting XSS vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a term name in a block...
CVE-2015-3369
Cross-site scripting XSS vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a term name in a block...
CVE-2015-3368
Cross-site scripting XSS vulnerability in the administration user interface in the Classified Ads module before 6.x-3.1 and 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a category name...
CVE-2014-5021
Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...
CVE-2014-5021
Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...
CVE-2014-5021
Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...
CVE-2014-5021
Removed by vendor...
Cross site scripting
Cross-site scripting XSS vulnerability in the Feed Element Mapper module for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to options...
CVE-2013-4503
Cross-site scripting XSS vulnerability in the Feed Element Mapper module for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to options...
CVE-2013-4503
CVE-2013-4503 concerns the Drupal "Feed Element Mapper" module. The security advisory and related records specify that the module allows an attacker with the explicit permission "administer taxonomy" (remote authenticated user) to trigger a cross-site scripting (XSS) condition by injecting arbitr...
Drupal 5.17 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Drupal 5.17 Taxonomy Core Module Contains XSS Vulnerability May 7, 2009 Version tested: Drupal 5.17 http://lampsecurity.org/drupal-taxonomy-vulnerability Drupal http://drupal.org is a robust content management system CMS written in PHP and supported b...
CVE-2009-0818
Cross-site scripting XSS vulnerability in the taxonomythemeadmintablebuilder function taxonomythemeadmin.inc in Taxonomy Theme module before 5.x-1.2, a module for Drupal, allows remote authenticated users with the "administer taxonomy" permission, or the ability to create pages when tagging is...