Vulnerabilities > Drupal > Mayo

DATE CVE VULNERABILITY TITLE RISK
2014-10-09 CVE-2014-8079 Cross-Site Scripting vulnerability in Drupal Mayo 7.X1.1/7.X1.2/7.X1.Xdev
Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to header background setting.
network
low complexity
drupal CWE-79
4.0