2 matches found
UBUNTU-CVE-2015-8831
Cross-site scripting XSS vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the author name in a comment...
Drupal 8.x < 8.1.10 Multiple Vulnerabilities
The version of Drupal running on the remote web server is 8.x prior to 8.1.10. It is, therefore, affected by multiple vulnerabilities : - A flaw exists due to improper checking for 'Administrator comments' permissions, which allows users who have rights to edit a node to set the visibility for...