Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with the "Administer content," "Create new article," or "Edit any article type content" permission to inject arbitrary web script or HTML via unspecified vectors.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2013/07/17/1 | |
https://drupal.org/node/2038189 | Patch |
https://drupal.org/node/2038363 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2022-10-03T16:14:58
Updated: 2022-10-03T16:14:58
Reserved: 2022-10-03T00:00:00
Link: CVE-2013-4138
JSON object: View
NVD Information
Status : Analyzed
Published: 2013-08-28T22:55:05.703
Modified: 2013-09-19T01:10:21.667
Link: CVE-2013-4138
JSON object: View
Redhat Information
No data.
CWE