When you are using Vertical tab Module, it is vulnerable to XSS. When you provide Javascript in Menu, the javascript in vertical menu executes it. To avoid this modify verticaltabs/js/menu.js as
Drupal.verticalTabs.menu = function() {
var x = $('#edit-menu-link-title').value;
if (x != "") { return x; }
else { return Drupal.t('Not in menu'); }
else { return Drupal.t('Not in menu'); }
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.