CVE-2015-4366

2015-06-1514:00:00

mitre

www.cve.org

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

39.8%

JSON

Cross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.

References

www.openwall.com/lists/oss-security/2015/04/25/6

www.securityfocus.com/bid/72957

www.drupal.org/node/2445977