CVE-2013-1786
CVE-2013-1786 is a Drupal-related XSS in the contributed Company Theme before 7.x-1.4. The vulnerability lies in the 3 slide gallery not properly sanitizing user-entered content, enabling remote authenticated users with the administer themes permission to inject arbitrary script/HTML via unspecif...