3 matches found
CVE-2015-4384
Cross-site scripting XSS vulnerability in the Ubercart Webform Checkout Pane module 6.x-3.x before 6.x-3.10 and 7.x-3.x before 7.x-3.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-4384
CVE-2015-4384 describes a cross-site scripting (XSS) vulnerability in the Ubercart Webform Checkout Pane module for Drupal. The issue affects Ubercart Webform Checkout Pane 6.x-3.x up to before 6.x-3.10 and 7.x-3.x up to before 7.x-3.11, arising because the module does not sufficiently sanitize u...
Ubercart Webform Checkout Pane - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-087
Ubercart Webform Checkout Pane module allows you to define Webform nodes as checkout/order panes in Ubercart. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an...