RSS   Podatności dla 'Galleryformatter'   RSS

2012-10-31
 
CVE-2012-4485

 

 
Multiple cross-site scripting (XSS) vulnerabilities in the galleryformatter_field_formatter_view functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow remote authenticated users with permissions to create a node or entity to inject arbitrary web script or HTML via the (1) title or (2) alt parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top