CVE-2014-8079
The Mayo contributed theme for Drupal 7.x (versions prior to 7.x-1.3) is affected by an XSS vulnerability. Root cause: theme settings allow linking to a header background file with insufficient sanitization, enabling arbitrary script/HTML injection. Impact: remote authenticated users with the adm...