Skip to content

Access Control: Drupal Avatar Uploader - Cross-Site Scripting

Identifier: drupal_avatar_xss

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Drupal Avatar Uploader v7.x-1.0-beta8 plugin contains a cross-site scripting vulnerability in the slider import search feature and tab parameter via plugin settings.

Reference:

Configuration

Example

Example configuration:

---
security_tests:
  drupal_avatar_xss:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.