NuytsTech Security

CVE-2013-1783

by ·

Cross-site scripting (XSS) vulnerability in the 3 slide gallery in page–front.tpl.php in the Business theme before 7.x-1.8 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors.

Date published : 2013-03-27

http://www.securityfocus.com/bid/58216

http://drupal.org/node/1723246

Tags: