2 matches found
CVE-2015-4373
Summary: CVE-2015-4373 is a cross-site scripting (XSS) vulnerability in the OG Tabs contributed module for Drupal 7.x, affecting versions prior to 7.x-1.1. Affected component: OG Tabs module (Drupal 7.x). Root cause / vulnerability detail: Module does not sufficiently sanitize user-supplied text ...
SA-CONTRIB-2015-077 - OG tabs - Cross Site Scripting (XSS)
OG Tabs modules provides a secondary menu with links to nodes of the same OG group. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission t...