EUVD-2015-3393

Malware in sbrugna...

EUVD-2015-3392

Malware in sbrugna...

Drupal Cloudwords for Multilingual Drupal Module Cross-Site Request Forgery Vulnerability

Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community. cloudwords for Multilingual Drupal is one of the modules that provides multiple language translation. A cross-site request forgery vulnerability exists in the Drupal Cloudwords for...

Drupal Cloudwords for Multilingual Drupal module cross-site scripting vulnerability

Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community. cloudwords for Multilingual Drupal is one of the modules that provides multiple language translations. A cross-site scripting vulnerability exists in the Drupal Cloudwords for...

CVE-2015-3348

Cross-site scripting XSS vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3347

Cross-site request forgery CSRF vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback...

Cross site scripting

Cross-site scripting XSS vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3348

Cross-site scripting XSS vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3348

CVE-2015-3348 concerns the Cloudwords for Multilingual Drupal module (Drupal 7.x) prior to 7.x-2.3. The vulnerability is an XSS flaw where remote authenticated users can inject arbitrary script/HTML via a node title due to insufficient sanitization. Affected software: Cloudwords for Multilingual ...

CVE-2015-3347

The CVE-2015-3347 entry concerns the Cloudwords for Multilingual Drupal module for Drupal 7.x before 7.x-2.3, where a Cross-Site Request Forgery (CSRF) vulnerability could allow remote attackers to hijack a victim’s authenticated session via an unspecified menu callback. Public references confirm...

CVE-2015-3347

Cross-site request forgery CSRF vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback...

SA-CONTRIB-2015-006 - Cloudwords for Multilingual Drupal - Multiple vulnerabilities

This module provides integration with the Cloudwords third-party service. The module was not sanitizing node titles on certain conditions, thereby leading to a Cross Site Scripting XSS vulnerability. Also, a menu callback was not protected against CSRF. The XSS vulnerability is mitigated by the...