Lucene search
K

4 matches found

NVD
NVD
added 2015/06/15 2:59 p.m.11 views

CVE-2015-4369

Cross-site scripting XSS vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Trick Question" permission to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.3AI score0.00965EPSS
Exploits0References5
CVE
CVE
added 2015/06/15 2:0 p.m.43 views

CVE-2015-4369

The CVE-2015-4369 entry relates to a Cross‑Site Scripting (XSS) vulnerability in the Drupal Trick Question module. Affected software: Trick Question module for Drupal 6.x (versions prior to 6.x-1.5) and Drupal 7.x (prior to 7.x-1.5). Root cause: the module does not sufficiently sanitize user‑subm...

3.5CVSS5.4AI score0.00965EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/06/15 2:0 p.m.20 views

CVE-2015-4369

Cross-site scripting XSS vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Trick Question" permission to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.00965EPSS
Exploits0References5
Drupal
Drupal
added 2015/03/04 12:0 a.m.11 views

SA-CONTRIB-2015-073 - Trick Question - Cross Site Scripting (XSS)

The Trick Question is a CAPTCHA-type spam prevention module; a lightweight, compact and simple alternative to larger and more complex modules. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. The vulnerability is...

3.5CVSS6AI score0.00965EPSS
Exploits0References11
Rows per page
Query Builder