Security advisories for multiple Drupal 8 contributed modules: Smart Trim, Modal Page, Taxonomy access fix, Permissions by Term
Project: Smart Trim
Version: 8.x-1.x
Date: 2019-December-11
Security risk: Moderately critical
Vulnerability: Cross site scripting
Description
The Smart Trim module allows site builders additional control with text summary fields.
The module doesn't sufficiently filter text when certain options are selected.
This vulnerability is mitigated by the fact that an attacker must have a role with the ability to create content on the site when certain options are selected for the trimmed output.