Vulnerabilities > Drupal > Skeleton Theme > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-13 | CVE-2014-8746 | Cross-Site Scripting vulnerability in Drupal Skeleton Theme 7.X1.2/7.X1.3 Cross-site scripting (XSS) vulnerability in the Skeleton theme 7.x-1.2 through 7.x-1.3 before 7.x-1.4, for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings. | 3.5 |