CVE-2014-5022 Information

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field.

Reference

http://www.debian.org/security/2014/dsa-2983 https://www.drupal.org/SA-CORE-2014-003

Share on: