Custom Search Project: >> Custom Search Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x-1.x before 7.x-1.14 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the "Label text" field to the results configuration page.
CVSS Score
3.5
EPSS Score
0.003
Published
2014-10-17