3 matches found
CVE-2015-3371
Open redirect vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...
CVE-2015-3371
The CVE-2015-3371 Open Redirect vulnerability affects the Drupal Node Invite module up to 6.x-2.x, specifically versions prior to 6.x-2.5. The issue arises from the destination parameter, allowing remote attackers to redirect users to arbitrary websites, enabling phishing. Affected component: Nod...
SA-CONTRIB-2015-032 - Node Invite - Multiple vulnerabilities
Node Invite module enables you to invite people to RSVP on node types that have been configured to represent events. The module doesn't sufficiently sanitize the titles of nodes in some listings, allowing a malicious user to inject code, thereby leading to a Cross Site Scripting XSS vulnerability...