3 matches found
CVE-2015-4358
The vulnerability CVE-2015-4358 affects Ubercart Discount Coupons module for Drupal 6.x-1.x prior to 6.x-1.8. The issue is an XSS in unspecified administration pages due to insufficient sanitization of user-supplied text, exploitable by remote authenticated users with certain permissions to injec...
CVE-2015-4358
Cross-site scripting XSS vulnerability in unspecified administration pages in the Ubercart Discount Coupons module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...
SA-CONTRIB-2015-064 - Ubercart Discount Coupons - Cross Site Scripting (XSS)
Ubercart Discount Coupons module provides discount coupons for Ubercart stores. The module doesn't sufficiently sanitize user supplied text in some administration pages, thereby exposing a Cross Site Scripting vulnerability. The vulnerability is mitigated by the fact that an attacker must have a...