BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper Nov 06 2014 07:11AM
mdgh9 yahoo com
Hello,

Cross Site Scripting (XSS) vulnerability exists in videowhisper module for Drupal 7.

Vendor Notification: 22, Oct 2014

Vulnerable file: drupal/modules/videowhisper/vwrooms/js/jsor-jcarousel/examples/special_t
extscroller.php

POC: http://vulnerable-website/drupal/modules/videowhisper/vwro...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus