CVE-2014-7979

CVE-2014-7979 is an XSS vulnerability in the SimpleCorp Drupal theme (7.x-1.x) affecting 7.x-1.0 prior to 7.x-1.1. The issue allows remote authenticated users with the administer themes permission to inject arbitrary script/HTML via theme settings. Exploitation details are not provided in the ini...