2 matches found
CVE-2015-4357
The CVE-2015-4357 vulnerability affects the Drupal Webform contributed module. Specifically, Webform 6.x prior to 6.x-3.22, 7.x prior to 7.x-3.22, and 7.x-4.x prior to 7.x-4.4 allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title that is...
CVE-2015-4357
Cross-site scripting XSS vulnerability in the Webform module before 6.x-3.22, 7.x-3.x before 7.x-3.22, and 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title, which is used as the default title of a...