Vulnerabilities > Drupac > Touch > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-06-18 | CVE-2014-4303 | Cross-Site Scripting vulnerability in Drupac Touch Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme 7.x-1.x before 7.x-1.9 for Drupal allow remote authenticated users with the Administer themes permission to inject arbitrary web script or HTML via vectors related to the (1) Twitter and (2) Facebook username settings. | 2.1 |