Vulnerabilities > Drupac
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-06-18 | CVE-2014-4303 | Cross-Site Scripting vulnerability in Drupac Touch Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme 7.x-1.x before 7.x-1.9 for Drupal allow remote authenticated users with the Administer themes permission to inject arbitrary web script or HTML via vectors related to the (1) Twitter and (2) Facebook username settings. | 2.1 |