EUVD-2013-0343

Malware in sbrugna...

CVE-2013-0325

Multiple cross-site scripting XSS vulnerabilities in the Varnish module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta2 for Drupal allow remote attackers to inject arbitrary web script or HTML via crafted a 1 Watchdog message or 2 admin setting...

Drupal Advanced Varnish module < 4.0.11 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Heine Deelstra in WordPress Module Advanced Varnish versions 4.0.11...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Varnish module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta2 for Drupal allow remote attackers to inject arbitrary web script or HTML via crafted a 1 Watchdog message or 2 admin setting...

CVE-2013-0325

Multiple cross-site scripting XSS vulnerabilities in the Varnish module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta2 for Drupal allow remote attackers to inject arbitrary web script or HTML via crafted a 1 Watchdog message or 2 admin setting...

CVE-2013-0325

The vulnerability CVE-2013-0325 affects the Varnish module for Drupal (versions 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta2). The underlying issue is cross-site scripting (XSS) via user-supplied data in module configuration (two vectors: a Watchdog message and an admin setting). Impac...

SA-CONTRIB-2013-023 - Varnish module - Cross Site Scripting (XSS)

This module provides integration between your Drupal site and the Varnish HTTP Accelerator, an advanced and very fast reverse-proxy system. The module doesn't sufficiently filter user-supplied text provided in the configuration settings. This vulnerability is mitigated by the fact that an attacke...