First published: Mon Oct 13 2014(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via a (1) Role or (2) Organic Group name.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Drupal Maestro | =7.x-1.0 | |
Drupal Maestro | =7.x-1.0-alpha1 | |
Drupal Maestro | =7.x-1.0-alpha2 | |
Drupal Maestro | =7.x-1.0-alpha3 | |
Drupal Maestro | =7.x-1.0-rc1 | |
Drupal Maestro | =7.x-1.1 | |
Drupal Maestro | =7.x-1.2 | |
Drupal Maestro | =7.x-1.3 | |
Drupal Maestro | =7.x-1.x-dev |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.