Back to search
CVE-2014-8376
Published: Oct 21, 2014
Modified: Sep 16, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in the context administration sub-panel in the Site Banner module before 7.x-4.1 for Drupal allows remote authenticated users with the "Administer contexts" Context UI module permission to inject arbitrary web script or HTML via vectors related to context settings.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
60758
third-party-advisory
x_refsource_SECUNIA
https://www.drupal.org/node/2324303
x_refsource_CONFIRM
https://www.drupal.org/node/2324689
x_refsource_MISC
69343
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now