govCMS / GovCMS7

Current stable release of the main Drupal 7 GovCMS distribution, with releases mirrored at https://www.drupal.org/project/govcms
https://www.govcms.gov.au/
GNU General Public License v2.0

[SA-CONTRIB-2019-028] Update context to 7.x-3.10 (7.x-2.x) #851

Closed pandaskii closed 5 years ago

pandaskii commented 5 years ago

Project: Context
Version: 7.x-3.x-dev
Date: 2019-February-27
Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross site scripting

Description: This module enables you to manage contextual conditions and reactions for different portions of your site.

The module doesn't sufficiently sanitize user output when displayed, leading to a Cross Site Scripting (XSS) vulnerability.

This vulnerability is mitigated by the fact that an attacker must have the ability to store malicious markup in the site (e.g. permission to create a node with a field that accepts "filtered html").

Solution: Install the latest version: