Unrated severityNVD Advisory· Published Oct 21, 2014· Updated May 6, 2026
CVE-2014-8376
CVE-2014-8376
Description
Cross-site scripting (XSS) vulnerability in the context administration sub-panel in the Site Banner module before 7.x-4.1 for Drupal allows remote authenticated users with the "Administer contexts" Context UI module permission to inject arbitrary web script or HTML via vectors related to context settings.
Affected products
1- cpe:2.3:a:site_banner_project:site_banner:*:*:*:*:*:drupal:*:*Range: <=7.x-4.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.drupal.org/node/2324303nvdPatch
- www.drupal.org/node/2324689nvdVendor Advisory
- secunia.com/advisories/60758nvd
- www.securityfocus.com/bid/69343nvd
News mentions
0No linked articles in our index yet.