Zen Project: >> Zen >> 6.x-1.3 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in the zen_breadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the breadcrumb separator field.
CVSS Score
5.4
EPSS Score
0.004
Published
2019-11-13