CVE-2014-8378 Information
Feb 14, 2021
cve
Description
Cross-site scripting (XSS) vulnerability in the TableField module 7.x-2.x before 7.x-2.3 allows remote authenticated users with the \administer content types\ or \administer taxonomy\ permission to inject arbitrary web script or HTML via vectors related to the field help text in an entity edit form.
Reference
http://secunia.com/advisories/60688 http://www.securityfocus.com/bid/69227 https://exchange.xforce.ibmcloud.com/vulnerabilities/95312 https://www.drupal.org/node/2320027 https://www.drupal.org/node/2320613
Share on: