CVE

Id
75279  
CVE No.
CVE-2014-7978  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the BlueMasters theme 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings.  
Phase
Assigned (20141008)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
698544 75279 CVE-2014-7978 MISC:https://www.drupal.org/node/2236797  View
698545 75279 CVE-2014-7978 CONFIRM:https://www.drupal.org/node/2236251  View
698546 75279 CVE-2014-7978 BID:66782  View
698547 75279 CVE-2014-7978 URL:http://www.securityfocus.com/bid/66782  View
698548 75279 CVE-2014-7978 SECUNIA:57829  View
698549 75279 CVE-2014-7978 URL:http://secunia.com/advisories/57829  View
698550 75279 CVE-2014-7978 XF:bluemasters-drupal-xss(92537)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
16298 JVNDB-2014-005173 EspoCRM の install/index.php におけるアプリケーションを再インストールされる脆弱性 EspoCRM の install/index.php には、アプリケーションを再インストールされる脆弱性が存在します。 CVE-2014-7986 75279 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-005173.html  View