Vulnerabilities > Drupal > Mayo > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-09 | CVE-2014-8079 | Cross-Site Scripting vulnerability in Drupal Mayo 7.X1.1/7.X1.2/7.X1.Xdev Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to header background setting. | 4.0 |