Unrated severityNVD Advisory· Published Nov 13, 2019· Updated Aug 6, 2024
CVE-2013-4275
CVE-2013-4275
Description
Cross-site scripting (XSS) vulnerability in the zen_breadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the breadcrumb separator field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Zen/Zen themev5Range: 6.x-1.x
Patches
Vulnerability mechanics
References
8- seclists.org/fulldisclosure/2013/Aug/226mitrex_refsource_MISC
- www.madirish.netmitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2013/08/22/2mitrex_refsource_MISC
- www.securityfocus.com/bid/61922mitrex_refsource_MISC
- drupal.org/node/2071055mitrex_refsource_MISC
- drupal.org/node/2071065mitrex_refsource_MISC
- drupal.org/node/2071157mitrex_refsource_MISC
- drupal.org/node/754000mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.