CVE-2014-8296

The CVE-2014-8296 entry concerns Drupal’s Modal Frame API module (version 6.x-1.x) with an XSS vulnerability in versions prior to 6.x-1.9. The issue is caused by insufficient filtering of user-supplied text, allowing remote attackers to inject arbitrary script or HTML via unspecified vectors. Aff...