3 matches found
CVE-2015-3376
Cross-site scripting XSS vulnerability in the Quizzler module before 7-x.1.16 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...
CVE-2015-3376
Cross-site scripting XSS vulnerability in the Quizzler module before 7-x.1.16 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...
SA-CONTRIB-2015-027 - Quizzler - Cross Site Scripting (XSS)
The Quizzler module allows you to create online quizzes and tests. Quizzes are nodes with questions attached. The module does not sanitize user input in the node title when displaying it on the page, allowing a malicious user to inject code, a Cross Site Scripting XSS attack. This vulnerability i...