PT-2023-10825 · Drupal · Responsive Menu
Ayesh Karunaratne
·
Published
2023-05-01
·
Updated
2024-05-17
·
CVE-2018-25085
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Responsive Menus versions 7.x-1.x-dev through 7.x-1.6
Description
A vulnerability was found in the Responsive Menus module on Drupal, affecting the
responsive menus admin form submit function of the responsive menus.module file. This issue leads to cross-site scripting and can be exploited remotely.Recommendations
Upgrade to version 7.x-1.7 to address this issue. As a temporary workaround, consider disabling the
responsive menus admin form submit function until the patch is applied. Restrict access to the responsive menus.module file to minimize the risk of exploitation.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Responsive Menu