RSS   Vulnerabilities for 'Custom search'   RSS

2014-10-17
 
CVE-2014-8320

 

 
Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x-1.x before 7.x-1.14 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the "Label text" field to the results configuration page.

 


Copyright 2024, cxsecurity.com

 

Back to Top