Oval Definition:	oval:com.ubuntu.trusty:def:20145021000
Revision Date: 2014-07-22 Version: 1 Title: CVE-2014-5021 on Ubuntu 14.04 LTS (trusty) - medium. Description: Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-5021 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The 'drupal7' package in trusty is affected and needs fixing.
BACK