First published: Wed Oct 08 2014(Updated: )
Cross-site scripting (XSS) vulnerability in the SimpleCorp theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Drupal Simplecorp | =7.x-1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.