CVE-2014-8746

The CVE-2014-8746 entry refers to a Cross-site scripting (XSS) vulnerability in the Skeleton theme for Drupal, affecting versions 7.x-1.2 through 7.x-1.3 prior to 7.x-1.4. The issue allows remote authenticated users who have the "administer themes" permission to inject arbitrary web script or HTM...